Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ISSRE
2010
IEEE
2010
IEEE
Security Trend Analysis with CVE Topic Models
—We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability types and new trends semi-automatically. In our study of the 39,393 unique CVEs until the end of 2009, we identify the following trends, given here in the form of a weather forecast: PHP: declining, with occasional SQL injection. Buffer Overflows: flattening out after decline. Format Strings: in steep decline. SQL Injection and XSS: remaining strong, and rising. Cross-Site Request Forgery: a sleeping giant perhaps, stirring. Application Servers: rising steeply. Keywords-security; trends; machine learning
Real-time TrafficISSRE 2010 | Occasional Sql Injection | Prevalent Vulnerability Types | Software Engineering | SQL Injection |
Related Content
| Added | 28 Jan 2011 |
| Updated | 28 Jan 2011 |
| Type | Journal |
| Year | 2010 |
| Where | ISSRE |
| Authors | Stephan Neuhaus, Thomas Zimmermann |
Comments (0)
Researcher Info
|
