Skip to main content
Conference ProceedingsOPEN ACCESS

VEST: A system for vulnerability exploit scoring & timing

IJCAI International Joint Conference on Artificial Intelligence (2019) 2019-August 6503-6505
DOI: 10.24963/ijcai.2019/937
21Citations
Citations of this article
28Readers
Mendeley users who have this article in their library.

Abstract

Knowing if/when a cyber-vulnerability will be exploited and how severe the vulnerability is can help enterprise security officers (ESOs) come up with appropriate patching schedules. Today, this ability is severely compromised: our study of data from MITRE and NIST shows that on average there is a 132 day gap between the announcement of a vulnerability by MITRE and the time NIST provides an analysis with severity score estimates and 8 important severity attributes. Many attacks happen during this very 132-day window. We present Vulnerability Exploit Scoring & Timing (VEST), a system for (early) prediction and visualization of if/when a vulnerability will be exploited, and its estimated severity attributes and score.

Cite

CITATION STYLE

APA

Chen, H., Liu, J., Liu, R., Park, N., & Subrahmanian, V. S. (2019). VEST: A system for vulnerability exploit scoring & timing. In IJCAI International Joint Conference on Artificial Intelligence (Vol. 2019-August, pp. 6503–6505). International Joint Conferences on Artificial Intelligence. https://doi.org/10.24963/ijcai.2019/937

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free