UC San Diego
A machine learning framework for classifying invulnerabilites [sic] and predicting exploitability
- Author(s): Bozorgi, Mehran
- et al.
Vulnerabilities are flaws in software that open avenues of attack for operations that are not initially intended to be performed. Exploits are means that attackers develop to take advantage of vulnerabilities. Many vulnerabilities are publicly documented on the web in databases such as OSVDB and CVE. Due to large number of vulnerabilities and limited resources available to software companies, it is critical to be able to measure the severity of vulnerabilities to schedule fixes for them accordingly. In this research, we introduce a machine learning framework for classifying vulnerabilities and predicting exploitability. We examine vulnerabilities available on the web, extract features from them, and build a classifier that predicts whether a given vulnerability will be exploited, and if so, how far in the future it will be exploited. Moreover, we introduce a new system for scoring the severity of vulnerabilities. We use Support Vector Machines (SVMs) to build our classifier due to the nature of the problem. We find that our classifier achieves high accuracy, is stable over time, and is extensible to other prediction scenarios.