Related papers: CVE based classification of vulnerable IoT systems
As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS)…
Data-driven research on the automated discovery and repair of security vulnerabilities in source code requires comprehensive datasets of real-life vulnerable code and their fixes. To assist in such research, we propose a method to…
The Common Vulnerabilities and Exposures (CVE) are pivotal information for proactive cybersecurity measures, including service patching, security hardening, and more. However, CVEs typically offer low-level, product-oriented descriptions of…
Internet of Things (IoT) is becoming more frequently used in more applications as the number of connected devices is in a rapid increase. More connected devices result in bigger challenges in terms of scalability, maintainability and most…
The exponential growth of the Internet of Things (IoT) ecosystem has amplified concerns regarding device reliability, interoperability, and security assurance. Despite the proliferation of IoT security guidelines, a unified and quantitative…
The Internet of Things (IoT) paradigm has displayed tremendous growth in recent years, resulting in innovations like Industry 4.0 and smart environments that provide improvements to efficiency, management of assets and facilitate…
Identifying the vulnerabilities exploited during cyberattacks is essential for enabling timely responses and effective mitigation in software security. This paper directly examines the process of predicting software vulnerabilities,…
Vulnerability Detection (VD) using machine learning faces a significant challenge: the vast diversity of vulnerability types. Each Common Weakness Enumeration (CWE) represents a unique category of vulnerabilities with distinct…
ICS environments are vital to the operation of critical infrastructure such as power grids, water treatment facilities, and manufacturing plants. However, these systems are vulnerable to cyber attacks due to their reliance on interconnected…
Software vulnerabilities have been continually disclosed and documented. An important practice in documenting vulnerabilities is to describe the key vulnerability aspects, such as vulnerability type, root cause, affected product, impact,…
Organizations struggle to handle sheer number of vulnerabilities in their cloud environments. The de facto methodology used for prioritizing vulnerabilities is to use Common Vulnerability Scoring System (CVSS). However, CVSS has inherent…
Internet of Things (IoT) is transforming human lives by paving the way for the management of physical devices on the edge. These interconnected IoT objects share data for remote accessibility and can be vulnerable to open attacks and…
The Common Vulnerabilities and Exposures (CVEs) system is a reference method for documenting publicly known information security weaknesses and exposures. This paper presents a study of the lifetime of CVEs in software projects and the risk…
The Internet of Things (IoT) is an extension of the traditional Internet, which allows a very large number of smart devices, such as home appliances, network cameras, sensors and controllers to connect to one another to share information…
Internet of Things (IoT) is the next big evolutionary step in the world of internet. The main intention behind the IoT is to enable safer living and risk mitigation on different levels of life. With the advent of IoT botnets, the view…
The rapid increase in cybersecurity vulnerabilities necessitates automated tools for analyzing and classifying vulnerability reports. This paper presents a novel Vulnerability Report Classifier that leverages the BERT (Bidirectional Encoder…
Since IoT systems provide services over the Internet, they must continue to operate safely even if malicious users attack them. Since the computational resources of edge devices connected to the IoT are limited, lightweight platforms and…
The Internet of Things (IoT) presents unique cybersecurity challenges due to its interconnected nature and diverse application domains. This paper explores the application of Cyber Value-at-Risk (Cy-VaR) models to assess and mitigate…
Cyber-security vulnerabilities are usually published in form of short natural language descriptions (e.g., in form of MITRE's CVE list) that over time are further manually enriched with labels such as those defined by the Common…
Timely identification of issue reports reflecting software vulnerabilities is crucial, particularly for Internet-of-Things (IoT) where analysis is slower than non-IoT systems. While Machine Learning (ML) and Large Language Models (LLMs)…