
A Study on the Classification of Common Vulnerabilities and Exposures using Naïve Bayes

  • Conference paper

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies (LNDECT, volume 2)

Abstract

The National Vulnerability Database (NVD) provides publicly known security vulnerabilities called Common Vulnerabilities and Exposures (CVE). There are a number of CVE entries, but some of them do not provide sufficient information, such as the vulnerability type. In this paper, we propose a method for classifying CVE entries by vulnerability type using a naïve Bayes classifier. The classification ability of the method is evaluated on a set of testing data. With it, we can analyze CVE entries that are not yet classified as well as uncategorized vulnerability documents.

Corresponding author

Correspondence to Sarang Na.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Na, S., Kim, T., Kim, H. (2017). A Study on the Classification of Common Vulnerabilities and Exposures using Naïve Bayes. In: Barolli, L., Xhafa, F., Yim, K. (eds) Advances on Broad-Band Wireless Computing, Communication and Applications. BWCCA 2016. Lecture Notes on Data Engineering and Communications Technologies, vol 2. Springer, Cham. https://doi.org/10.1007/978-3-319-49106-6_65

  • DOI: https://doi.org/10.1007/978-3-319-49106-6_65

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49105-9

  • Online ISBN: 978-3-319-49106-6

  • eBook Packages: Engineering, Engineering (R0)
