A Survey on Data-driven Software Vulnerability Assessment and Prioritization

Authors: Triet H. M. Le, Huaming Chen, M. Ali Babar
Published: 2021-07-18 | Updated: 2022-04-04

Source: https://arxiv.org/abs/2107.08364

PDF: https://arxiv.org/pdf/2107.08364

Labels Predicted by AI

データ駆動型脆弱性評価 マルチクラス分類 脆弱性評価手法

Please note that these labels were automatically added by AI. Therefore, they may not be entirely accurate.
For more details, please see the About the Literature Database page.

Abstract

Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV mitigation plans based on various SV characteristics. The surges in SV data sources and data-driven techniques such as Machine Learning and Deep Learning have taken SV assessment and prioritization to the next level. Our survey provides a taxonomy of the past research efforts and highlights the best practices for data-driven SV assessment and prioritization. We also discuss the current limitations and propose potential solutions to address such issues.