Shortcuts in software development generate technical debt and software vulnerabilities. We propose a framework that gives stakeholders an effective way to forecast the trend in software vulnerabilities, so that they can provide the resources needed to reduce the attack surface and the probability of software failure. We demonstrated that our method can forecast vulnerabilities in several open-source projects, as well as seasonality in daily, monthly, and yearly total vulnerabilities. Our preliminary results indicate that we can use forecasting methods up to 90 days out with accuracy. In this paper, we present our technique, the methodology for preparing inputs for the proposed artificial intelligence model, and the results of an analysis of three open-source projects.
CITATION STYLE
Shrove, M. T., & Jovanov, E. (2021). Is There a Prophet Who Can Predict Software Vulnerabilities? In Advances in Intelligent Systems and Computing (Vol. 1271 AISC, pp. 242–243). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-58703-1_17