Authors: MingJian Tang; Mamoun Alazab; Yuxiu Luo; Matthew Donlon
Addresses: Digital Protection Group, Commonwealth Bank of Australia, NSW 2000, Australia ' School of Engineering and IT, Charles Darwin University, Darwin, Northern Territory, 0909, Australia ' Department of Computing and Information Systems, The University of Melbourne, VIC 3010, Australia ' Digital Protection Group, Commonwealth Bank of Australia, NSW 2000, Australia
Abstract: Cybercriminal use of the internet continues to grow and poses a serious threat to individuals, businesses and governments. Software vulnerabilities represent a main cause of cybersecurity problems. Every day security engineers deal with a flow of cyber security incidents that are increasing. Effective management of software vulnerabilities is imperative for modern organisations regardless of their size. However, the vulnerability management processes tend to be more reactive in nature; relying on the publication of vulnerabilities, creation of signatures, and the scanning and detection process before control mitigations can be put into place. A forecasting model of the anticipated volume of future disclosures that leverages the rich historical vulnerability data will provide important insights help develop strategies for the proactive management of vulnerabilities. This study is the first to discover the existence of volatility clustering in the vulnerability disclosure trend. Through our novel framework for statistically analysing long-term vulnerability disclosures between January 1999 and January 2016, the result shows that our model can predict the likelihood that software contains yet to be discovered vulnerabilities and be exposed to future threats such as zero-day attacks. Such knowledge could be potentially an important first step in crime detection and prevention and improve security practices.
Keywords: cyber security; cybercrime; risk analysis; vulnerability disclosure; volatility; generalised autoregressive conditional heteroskedasticity; time series.
International Journal of Electronic Security and Digital Forensics, 2018 Vol.10 No.3, pp.255 - 275
Received: 24 Mar 2017
Accepted: 21 Oct 2017
Published online: 15 May 2018 *