Is There a Prophet Who Can Predict Software Vulnerabilities?

Shrove, Michael T.; Jovanov, Emil

doi:10.1007/978-3-030-58703-1_17

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1271))

Included in the following conference series:

National Cyber Summit

363 Accesses

Abstract

Shortcuts in software development generate technical debt and software vulnerabilities. We propose a framework that will allow stakeholders an effective way to forecast the trend in software vulnerabilities and allow stakeholders to provide the necessary resources to reduce the attack surface and the probability of software failure. We demonstrated that our method can forecast vulnerabilities in several open-source projects, and seasonality in daily, monthly, and yearly total vulnerabilities. Our preliminary results indicate that we can use forecasting methods up to 90 days out with accuracy. In this paper, we present our technique, methodology of preparation of inputs for the proposed artificial intelligence model, and the results of analysis of three open source projects.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Cunningham, W.: The WyCash portfolio management system. ACM SIGPLAN OOPS Messenger 4(2), 29–30 (1993). https://doi.org/10.1145/157710.157715
Article Google Scholar
Campos, M., Silva, O., Valente, M.T., Terra, R.: Does technical debt lead to the rejection of pull requests? In: Brazilian Symposium on Information Systems (SBSI), pp. 1–7 (2016). https://arxiv.org/pdf/1604.01450.pdf

Download references

Author information

Authors and Affiliations

Millennium Corporation, 340 The Bridge Street Suite 212, Huntsville, AL, 35806, USA
Michael T. Shrove
University of Alabama Huntsville, 301 Sparkman Drive, Huntsville, AL, 35899, USA
Emil Jovanov

Authors

Michael T. Shrove
View author publications
You can also search for this author in PubMed Google Scholar
Emil Jovanov
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michael T. Shrove .

Editor information

Editors and Affiliations

Department of Information Systems, The University of Texas at San Antonio, San Antonio, TX, USA
Kim-Kwang Raymond Choo
University of Alabama in Huntsville, Huntsville, AL, USA
Tommy Morris
Air Force Institute of Technology, Wright-Patterson AFB, OH, USA
Gilbert L. Peterson
University of Alabama in Huntsville, Decatur, AL, USA
Eric Imsand

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Shrove, M.T., Jovanov, E. (2021). Is There a Prophet Who Can Predict Software Vulnerabilities?. In: Choo, KK.R., Morris, T., Peterson, G.L., Imsand, E. (eds) National Cyber Summit (NCS) Research Track 2020. NCS 2020. Advances in Intelligent Systems and Computing, vol 1271. Springer, Cham. https://doi.org/10.1007/978-3-030-58703-1_17

Download citation

DOI: https://doi.org/10.1007/978-3-030-58703-1_17
Published: 09 September 2020
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58702-4
Online ISBN: 978-3-030-58703-1
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)

Publish with us

Policies and ethics