Software vulnerability analysis and discovery using machine-learning and data-mining techniques: A survey
SM Ghaffarian, HR Shahriari - ACM computing surveys (CSUR), 2017 - dl.acm.org
Software security vulnerabilities are one of the critical issues in the realm of computer
security. Due to their potential high severity impacts, many different approaches have been …
security. Due to their potential high severity impacts, many different approaches have been …
Architecture and security of SCADA systems: A review
Pipeline bursting, production lines shut down, frenzy traffic, trains confrontation, the nuclear
reactor shut down, disrupted electric supply, interrupted oxygen supply in ICU–these …
reactor shut down, disrupted electric supply, interrupted oxygen supply in ICU–these …
A survey on systems security metrics
M Pendleton, R Garcia-Lebron, JH Cho… - ACM Computing Surveys …, 2016 - dl.acm.org
Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …
systematically explored based on the understanding of attack-defense interactions, which …
IIoT cybersecurity risk modeling for SCADA systems
G Falco, C Caldera, H Shrobe - IEEE Internet of Things Journal, 2018 - ieeexplore.ieee.org
Urban critical infrastructure such as electric grids, water networks, and transportation
systems are prime targets for cyberattacks. These systems are composed of connected …
systems are prime targets for cyberattacks. These systems are composed of connected …
The attack of the clones: A study of the impact of shared code on vulnerability patching
Vulnerability exploits remain an important mechanism for malware delivery, despite efforts to
speed up the creation of patches and improvements in software updating mechanisms …
speed up the creation of patches and improvements in software updating mechanisms …
Security events and vulnerability data for cybersecurity risk estimation
L Allodi, F Massacci - Risk Analysis, 2017 - Wiley Online Library
Current industry standards for estimating cybersecurity risk are based on qualitative risk
matrices as opposed to quantitative risk estimates. In contrast, risk assessment in most other …
matrices as opposed to quantitative risk estimates. In contrast, risk assessment in most other …
Tales of software updates: The process of updating software
Updates alter the way software functions by fixing bugs, changing features, and modifying
the user interface. Sometimes changes are welcome, even anticipated, and sometimes they …
the user interface. Sometimes changes are welcome, even anticipated, and sometimes they …
Economic factors of vulnerability trade and exploitation
L Allodi - Proceedings of the 2017 ACM SIGSAC conference on …, 2017 - dl.acm.org
Cybercrime markets support the development and diffusion of new attack technologies,
vulnerability exploits, and malware. Whereas the revenue streams of cyber attackers have …
vulnerability exploits, and malware. Whereas the revenue streams of cyber attackers have …
Riskteller: Predicting the risk of cyber incidents
L Bilge, Y Han, M Dell'Amico - Proceedings of the 2017 ACM SIGSAC …, 2017 - dl.acm.org
The current evolution of the cyber-threat ecosystem shows that no system can be considered
invulnerable. It is therefore important to quantify the risk level within a system and devise risk …
invulnerable. It is therefore important to quantify the risk level within a system and devise risk …
FastEmbed: Predicting vulnerability exploitation possibility based on ensemble machine learning algorithm
In recent years, the number of vulnerabilities discovered and publicly disclosed has shown a
sharp upward trend. However, the value of exploitation of vulnerabilities varies for attackers …
sharp upward trend. However, the value of exploitation of vulnerabilities varies for attackers …