Abstract
Shortcuts in software development generate technical debt and software vulnerabilities. We propose a framework that gives stakeholders an effective way to forecast the trend in software vulnerabilities and to provide the resources necessary to reduce the attack surface and the probability of software failure. We demonstrate that our method can forecast vulnerabilities in several open-source projects, as well as seasonality in daily, monthly, and yearly total vulnerabilities. Our preliminary results indicate that forecasting methods can be used up to 90 days out with accuracy. In this paper, we present our technique, the methodology for preparing inputs for the proposed artificial intelligence model, and the results of an analysis of three open-source projects.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Shrove, M.T., Jovanov, E. (2021). Is There a Prophet Who Can Predict Software Vulnerabilities?. In: Choo, KK.R., Morris, T., Peterson, G.L., Imsand, E. (eds) National Cyber Summit (NCS) Research Track 2020. NCS 2020. Advances in Intelligent Systems and Computing, vol 1271. Springer, Cham. https://doi.org/10.1007/978-3-030-58703-1_17
DOI: https://doi.org/10.1007/978-3-030-58703-1_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58702-4
Online ISBN: 978-3-030-58703-1
eBook Packages: Intelligent Technologies and Robotics (R0)