Abstract
Protecting an organization’s intellectual property, financial secrets, and performance is crucial because it is sensitive data that if compromised could be catastrophic to the organization in question. As a result of the growing economy, organizations of scale have a significant portion of their infrastructure over technology which makes the organization vulnerable. The security teams of such organizations work to patch such vulnerabilities as they come across them but may spend a significant amount of organization resources fixing vulnerabilities that may not be exploited. After conducting our own research on the existing methods to prioritize vulnerabilities that have a higher probability of being exploited, we found that machine learning can be used to make the process of vulnerability prioritization efficient. This paper discusses our research on using machine learning for vulnerability prioritization and the different machine learning algorithms that can be of use for the same. This paper also discusses our approach on creating a system for vulnerability prioritization in an organization.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Farooq HM, Otaibi NM (2018) Optimal machine learning algorithms for cyber threat detection. In: 2018 UKSim AMSS 20th international conference on modelling and simulation. IEEE
Alperin KB, Wollaber AB, Gomez SR (2020) Improving interpretability for cyber vulnerability assessment using focus and context visualizations. In: 2020 IEEE symposium on visualization for cyber security (VizSec), IEEE, pp 30–39
Alenezi F, Tsokos CP (2020) Machine learning approach to predict computer operating systems vulnerabilities. In: 2020 3rd International conference on computer applications and information security (ICCAIS), IEEE, pp 1–6
Spring JM, Galyardt A, Householder AD, VanHoudnos N (2020) On managing vulnerabilities in AI/ML systems. New Secur Paradigms Workshop 2020:111–126
Edkrantz MICHEL (2015) Predicting exploit likelihood for cyber vulnerabilities with machine learning. Master’s thesis
Aota, Masaki, Hideaki Kanehara, Masaki Kubo, Noboru Murata, Bo Sun, and Takeshi Takahashi. “Automation of Vulnerability Classification from its Description using Machine Learning.“ In 2020 IEEE Symposium on Computers and Communications (ISCC), pp. 1–7. IEEE, 2020.
Khazaei A, Ghasemzadeh M, Derhami V (2016) An automatic method for CVSS score prediction using vulnerabilities description. J Intell Fuzzy Syst 30(1):89–96
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Prashant Shah, D., Munesh Patel, S., Vinay Tailor, J., Rajiv Kumar Bhagat, S., Nanade, A. (2023). Context-Based Vulnerability Risk Scoring and Prioritization. In: Gupta, D., Khanna, A., Bhattacharyya, S., Hassanien, A.E., Anand, S., Jaiswal, A. (eds) International Conference on Innovative Computing and Communications. Lecture Notes in Networks and Systems, vol 473. Springer, Singapore. https://doi.org/10.1007/978-981-19-2821-5_58
Download citation
DOI: https://doi.org/10.1007/978-981-19-2821-5_58
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-2820-8
Online ISBN: 978-981-19-2821-5
eBook Packages: EngineeringEngineering (R0)