A Survey on Data-driven Software Vulnerability Assessment and Prioritization

被引:14
|
作者
Le, Triet H. M. [1 ]
Chen, Huaming [1 ]
Babar, M. Ali [1 ,2 ]
机构
[1] Univ Adelaide, CREST Ctr Res Engn Software Technol, Adelaide, SA, Australia
[2] Cyber Secur Cooperat Res Ctr, Joondalup, Australia
来源
ACM COMPUTING SURVEYS | 2023年 / 55卷 / 05期
关键词
Software vulnerability; Vulnerability assessment and prioritization; NEURAL-NETWORKS; SEVERITY; CLASSIFICATION; FRAMEWORK; PATTERNS; TIME;
D O I
10.1145/3529757
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV mitigation plans based on various SV characteristics. The surges in SV data sources and data-driven techniques such as Machine Learning and Deep Learning have taken SV assessment and prioritization to the next level. Our survey provides a taxonomy of the past research efforts and highlights the best practices for data-driven SV assessment and prioritization. We also discuss the current limitations and propose potential solutions to address such issues.
引用
下载
收藏
页数:39
相关论文
共 50 条
  • [21] Data-Driven Software Architecture for Analyzing Confidentiality
    Seifermann, Stephan
    Heinrich, Robert
    Reussner, Ralf
    2019 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ARCHITECTURE (ICSA), 2019, : 1 - 10
  • [22] Data-driven Software Security: Models and Methods
    Erlingsson, Ulfar
    2016 IEEE 29TH COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF 2016), 2016, : 9 - 15
  • [23] A Data-Driven Model for Software Reliability Prediction
    Lo, Jung-Hua
    2012 IEEE INTERNATIONAL CONFERENCE ON GRANULAR COMPUTING (GRC 2012), 2012, : 326 - 331
  • [24] Data-driven manufacturing sustainability assessment
    Zhang X.
    Chen J.
    Wang Y.
    Zhang H.
    Jiang Z.
    Cai W.
    Jisuanji Jicheng Zhizao Xitong/Computer Integrated Manufacturing Systems, CIMS, 2022, 28 (08): : 2329 - 2342
  • [25] Data-Driven Intelligent Transportation Systems: A Survey
    Zhang, Junping
    Wang, Fei-Yue
    Wang, Kunfeng
    Lin, Wei-Hua
    Xu, Xin
    Chen, Cheng
    IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, 2011, 12 (04) : 1624 - 1639
  • [26] A Survey on Data-driven Network Intrusion Detection
    Chou, Dylan
    Jiang, Meng
    ACM COMPUTING SURVEYS, 2022, 54 (09)
  • [27] Data-Driven Sentence Simplification: Survey and Benchmark
    Alva-Manchego, Fernando
    Scarton, Carolina
    Specia, Lucia
    COMPUTATIONAL LINGUISTICS, 2020, 46 (01) : 135 - 187
  • [28] Data-driven personalisation of television content: a survey
    Nixon, Lyndon
    Foss, Jeremy
    Apostolidis, Konstantinos
    Mezaris, Vasileios
    MULTIMEDIA SYSTEMS, 2022, 28 (06) : 2193 - 2225
  • [29] Data-Driven Grasp Synthesis-A Survey
    Bohg, Jeannette
    Morales, Antonio
    Asfour, Tamim
    Kragic, Danica
    IEEE TRANSACTIONS ON ROBOTICS, 2014, 30 (02) : 289 - 309
  • [30] Data-driven simulation in fluids animation: A survey
    Chen Q.
    Wang Y.
    Wang H.
    Yang X.
    Virtual Reality and Intelligent Hardware, 2021, 3 (02): : 87 - 104
12345