English
Related papers

Related papers: Exploit Prediction Scoring System (EPSS)

200 papers

Enterprise resource planning (ERP) systems are commonly used in technical educational institutions(TEIs). ERP systems should continue providing services to its users irrespective of the level of failure. There could be many types of…

Other Computer Science · Computer Science 2015-06-11 Shivani Goel , Ravi Kiran , Deepak Garg

Assessing the exploitability of software vulnerabilities at the time of disclosure is difficult and error-prone, as features extracted via technical analysis by existing metrics are poor predictors for exploit development. Moreover,…

Cryptography and Security · Computer Science 2022-02-04 Octavian Suciu , Connor Nelson , Zhuoer Lyu , Tiffany Bao , Tudor Dumitras

Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV…

Software Engineering · Computer Science 2023-01-09 Triet H. M. Le , Huaming Chen , M. Ali Babar

Environmental, Social, and Governance (ESG) datasets are frequently plagued by significant data gaps, leading to inconsistencies in ESG ratings due to varying imputation methods. This paper explores the application of established machine…

Machine Learning · Computer Science 2024-07-30 Sergio Caprioli , Jacopo Foschi , Riccardo Crupi , Alessandro Sabatino

We present Risk Integrated's Enterprise Spreadsheet Platform (ESP), a technical approach to the near-elimination of spreadsheet risk in the enterprise computing environment, whilst maintaining the full flexibility of spreadsheets for…

Software Engineering · Computer Science 2008-03-13 Yusuf Jafry , Fredrika Sidoroff , Roger Chi

The existence of a security vulnerability in a system does not necessarily mean that it can be exploited. In this research, we introduce Autosploit -- an automated framework for evaluating the exploitability of vulnerabilities. Given a…

Cryptography and Security · Computer Science 2020-07-02 Noam Moscovich , Ron Bitton , Yakov Mallah , Masaki Inokuchi , Tomohiko Yagyu , Meir Kalech , Yuval Elovici , Asaf Shabtai

Propensity score matching is a tool for causal inference in non-randomized studies that allows for conditioning on large sets of covariates. The use of propensity scores in the social sciences is currently experiencing a tremendous…

Applications · Statistics 2012-02-01 Felix Thoemmes

The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most…

Cryptography and Security · Computer Science 2024-05-09 Julia Wunder , Andreas Kurtz , Christian Eichenmüller , Freya Gassmann , Zinaida Benenson

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

Identifying the software weaknesses exploited by attacks supports efforts to reduce developer introduction of vulnerabilities and to guide security code review efforts. A weakness is a bug or fault type that can be exploited through an…

Cryptography and Security · Computer Science 2024-05-03 Peter Mell , Irena Bojanova , Carlos Galhardo

Risk scoring systems are widely used in high-stakes domains to assist decision-making. However, existing approaches often focus on optimizing predictive accuracy or likelihood-based criteria, which may not align with the main goal of…

Machine Learning · Computer Science 2026-04-07 Wenhao Chi , Ş. İlker Birbil

Vulnerability management strategy, from both organizational and public policy perspectives, hinges on an understanding of the supply of undiscovered vulnerabilities. If the number of undiscovered vulnerabilities is small enough, then a…

Cryptography and Security · Computer Science 2023-04-20 Jonathan M Spring

Vulnerability exploitation is reportedly one of the main attack vectors against computer systems. Yet, most vulnerabilities remain unexploited by attackers. It is therefore of central importance to identify vulnerabilities that carry a high…

Cryptography and Security · Computer Science 2018-01-16 Luca Allodi , Fabio Massacci

The thesis advances the field of software security by providing knowledge and automation support for software vulnerability assessment using data-driven approaches. Software vulnerability assessment provides important and multifaceted…

Software Engineering · Computer Science 2023-06-21 Triet H. M. Le

Recent estimates report that companies lose 5% of their revenue to occupational fraud. Since most medium-sized and large companies employ Enterprise Resource Planning (ERP) systems to track vast amounts of information regarding their…

Artificial Intelligence · Computer Science 2022-07-14 Julian Tritscher , Fabian Gwinner , Daniel Schlör , Anna Krause , Andreas Hotho

Traditionally, data scientists use exploratory data analysis techniques such as correlation analysis, summary statistics, and regression analysis for identifying the most product enhancements and roadmap planning. However, these…

Applications · Statistics 2024-06-06 Adam Gajtkowski , Felipe Moraes

The System Usability Scale (SUS) is a short, survey-based approach used to determine the usability of a system from an end user perspective once a prototype is available for assessment. Individual scores are gathered using a 10-question…

Methodology · Statistics 2021-01-26 Nicholas Clark , Matthew Dabkowski , Patrick Driscoll , Dereck Kennedy , Ian Kloo , Heidy Shi

The lack of high-quality public cyber incident data limits empirical research and predictive modeling for cyber risk assessment. This challenge persists due to the reluctance of companies to disclose incidents that could damage their…

Risk Management · Quantitative Finance 2026-03-20 Jiayi Guo , Zhiyu Quan , Linfeng Zhang

The assessment of new vulnerabilities is an activity that accounts for information from several data sources and produces a `severity' score for the vulnerability. The Common Vulnerability Scoring System (\CVSS) is the reference standard…

Cryptography and Security · Computer Science 2018-03-22 Luca Allodi , Sebastian Banescu , Henning Femmer , Kristian Beckers

The devastating effects of cyber-attacks, highlight the need for novel attack detection and prevention techniques. Over the last years, considerable work has been done in the areas of attack detection as well as in collaborative defense.…

Cryptography and Security · Computer Science 2019-09-18 Vaclav Bartos , Martin Zadnik , Sheikh Mahbub Habib , Emmanouil Vasilomanolakis