Date of Graduation

12-2018

Document Type

Thesis

Degree Name

Bachelor of Science

Degree Level

Undergraduate

Department

Computer Science and Computer Engineering

Advisor/Mentor

Li, Qinghua

Committee Member/Reader

Patitz, Matthew

Committee Member/Second Reader

Thompson, Dale

Abstract

The purpose of this thesis is to develop a tool that uses machine learning techniques to make predictions about whether or not a given vulnerability will be exploited. Such a tool could help organizations such as electric utilities to prioritize their security patching operations. Three different models, based on a deep neural network, a random forest, and a support vector machine respectively, are designed and implemented. Training data for these models is compiled from a variety of sources, including the National Vulnerability Database published by NIST and the Exploit Database published by Offensive Security. Extensive experiments are conducted, including testing the accuracy of each model, dynamically training the models on a rolling window of training data, and filtering the training data by various features. Of the chosen models, the deep neural network and the support vector machine show the highest accuracy (approximately 94% and 93%, respectively), and could be developed by future researchers into an effective tool for vulnerability analysis.

Keywords

vulnerability, exploit, machine learning, deep neural network, random forest, support vector machine
