Security Trend Analysis with CVE Topic Models

@article{Neuhaus2010SecurityTA,
  title={Security Trend Analysis with CVE Topic Models},
  author={Stephan Neuhaus and Thomas Zimmermann},
  journal={2010 IEEE 21st International Symposium on Software Reliability Engineering},
  year={2010},
  pages={111-120}
}
We study the vulnerability reports in the Common Vulnerability and Exposures (CVE) database by using topic models on their description texts to find prevalent vulnerability types and new trends semi-automatically. In our study of the 39,393 unique CVEs until the end of 2009, we identify the following trends, given here in the form of a weather forecast: PHP: declining, with occasional SQL injection. Buffer Overflows: flattening out after decline. Format Strings: in steep decline. SQL Injection… CONTINUE READING
Highly Cited
This paper has 64 citations. REVIEW CITATIONS

Citations

Publications citing this paper.
Showing 1-10 of 45 extracted citations

65 Citations

051015'12'14'16'18
Citations per Year
Semantic Scholar estimates that this publication has 65 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 15 references

Vulnerability type distributions in CVE

  • S. M. Christey, R. A. Martin
  • http://cwe.mitre.org/documents/vuln-trends/ index…
  • 2007
Highly Influential
12 Excerpts

Coverity scan open source report 2009

  • Coverity, Inc.
  • Coverity, Inc., Tech. Rep., 2009.
  • 2009
1 Excerpt

Microsoft security intelligence report volume 7: January through June 2009

  • R. Boscovich
  • Microsoft, Inc., Tech. Rep., 2009.
  • 2009
1 Excerpt

Risk: The consensus security alert

  • SANS
  • http://www. sans.org/newsletters/risk/, September…
  • 2009
1 Excerpt

Similar Papers

Loading similar papers…