English
Related papers

Related papers: Policy-Driven Vulnerability Risk Quantification fr…

200 papers

As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS)…

Cryptography and Security · Computer Science 2026-03-05 Naoyuki Shimizu , Masaki Hashimoto

As interconnected systems proliferate, safeguarding complex infrastructures against an escalating array of cyber threats has become an urgent challenge. The increasing number of vulnerabilities, combined with resource constraints, makes…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

The Common Vulnerabilities and Exposures (CVE) are pivotal information for proactive cybersecurity measures, including service patching, security hardening, and more. However, CVEs typically offer low-level, product-oriented descriptions of…

Cryptography and Security · Computer Science 2023-09-07 Ehsan Aghaei , Ehab Al-Shaer , Waseem Shadid , Xi Niu

Weaknesses in computer systems such as faults, bugs and errors in the architecture, design or implementation of software provide vulnerabilities that can be exploited by attackers to compromise the security of a system. Common Weakness…

Machine Learning · Computer Science 2021-02-24 Siddhartha Shankar Das , Edoardo Serra , Mahantesh Halappanavar , Alex Pothen , Ehab Al-Shaer

Software vulnerabilities remain a critical security challenge, providing entry points for attackers into enterprise networks. Despite advances in security practices, the lack of high-quality datasets capturing diverse exploit behavior…

Cryptography and Security · Computer Science 2025-11-17 Alireza Lotfi , Charalampos Katsis , Elisa Bertino

The relentless process of tracking and remediating vulnerabilities is a top concern for cybersecurity professionals. The key challenge is trying to identify a remediation scheme specific to in-house, organizational objectives. Without a…

Cryptography and Security · Computer Science 2024-06-11 Corren McCoy , Ross Gore , Michael L. Nelson , Michele C. Weigle

Organizations struggle to handle sheer number of vulnerabilities in their cloud environments. The de facto methodology used for prioritizing vulnerabilities is to use Common Vulnerability Scoring System (CVSS). However, CVSS has inherent…

Cryptography and Security · Computer Science 2022-06-23 Muhammed Fatih Bulut , Abdulhamid Adebayo , Daby Sow , Steve Ocepek

Software vulnerabilities have been continually disclosed and documented. An important practice in documenting vulnerabilities is to describe the key vulnerability aspects, such as vulnerability type, root cause, affected product, impact,…

Software Engineering · Computer Science 2020-08-07 Hao Guo , Zhenchang Xing , Xiaohong Li

Vulnerability Detection (VD) using machine learning faces a significant challenge: the vast diversity of vulnerability types. Each Common Weakness Enumeration (CWE) represents a unique category of vulnerabilities with distinct…

Cryptography and Security · Computer Science 2024-08-06 Syafiq Al Atiiq , Christian Gehrmann , Kevin Dahlén , Karim Khalil

The Common Vulnerabilities and Exposures (CVE) represent standard means for sharing publicly known information security vulnerabilities. One or more CVEs are grouped into the Common Weakness Enumeration (CWE) classes for the purpose of…

Cryptography and Security · Computer Science 2022-04-04 Ehsan Aghaei , Waseem Shadid , Ehab Al-Shaer

Vulnerability assessment is a critical challenge in cybersecurity, particularly in industrial environments. This work presents an innovative approach by incorporating the temporal dimension into vulnerability assessment, an aspect neglected…

Cryptography and Security · Computer Science 2026-01-30 Stefano Perone , Simone Guarino , Luca Faramondi , Roberto Setola

Understanding the landscape of software vulnerabilities is key for developing effective security solutions. Fortunately, the evaluation of vulnerability databases that use a framework for communicating vulnerability attributes and their…

Cryptography and Security · Computer Science 2021-02-04 Assane Gueye , Peter Mell

Gaps between established security standards and their practical implementation have the potential to introduce vulnerabilities, possibly exposing them to security risks. To effectively address and mitigate these security and compliance…

Cryptography and Security · Computer Science 2025-07-10 Sarah Ali Siddiqui , Chandra Thapa , Derui Wang , Rayne Holland , Wei Shao , Seyit Camtepe , Hajime Suzuki , Rajiv Shah

In the highly interconnected digital landscape of today, safeguarding complex infrastructures against cyber threats has become increasingly challenging due to the exponential growth in the number and complexity of vulnerabilities. Resource…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

The lack of high-quality public cyber incident data limits empirical research and predictive modeling for cyber risk assessment. This challenge persists due to the reluctance of companies to disclose incidents that could damage their…

Risk Management · Quantitative Finance 2026-03-20 Jiayi Guo , Zhiyu Quan , Linfeng Zhang

The rapid increase in cybersecurity vulnerabilities necessitates automated tools for analyzing and classifying vulnerability reports. This paper presents a novel Vulnerability Report Classifier that leverages the BERT (Bidirectional Encoder…

Cryptography and Security · Computer Science 2025-03-28 Himanshu Tiwari

Preventing vulnerability exploits is a critical software maintenance task, and software engineers often rely on Common Vulnerability and Exposure (CVEs) reports for information about vulnerable systems and libraries. These reports include…

Software Engineering · Computer Science 2019-10-01 Danielle Gonzalez , Holly Hastings , Mehdi Mirakhorli

With the increasing use of multi-cloud environments, security professionals face challenges in configuration, management, and integration due to uneven security capabilities and features among providers. As a result, a fragmented approach…

Cryptography and Security · Computer Science 2023-07-10 Morgan Reece , Theodore Edward Lander , Matthew Stoffolano , Andy Sampson , Josiah Dykstra , Sudip Mittal , Nidhi Rastogi

Data-driven research on the automated discovery and repair of security vulnerabilities in source code requires comprehensive datasets of real-life vulnerable code and their fixes. To assist in such research, we propose a method to…

Software Engineering · Computer Science 2022-02-08 Guru Prasad Bhandari , Amara Naseer , Leon Moonen

Qualifying and ranking threat degrees of vulnerabilities in cloud service are known to be full of challenges. Although there have been several efforts aiming to address this problem, most of them are too simple or cannot be applied into…

Cryptography and Security · Computer Science 2016-12-07 He Zhu
‹ Prev 1 2 3 10 Next ›