Prediction of Software Vulnerabilities Using Random Forest Regressor

Abstract

The launch of new software technologies with new features helps the developer in software development but it can be prone to vulnerabilities. Software vulnerabilities are still a critical issue for software security as they can negatively impact the organization and the end user. To mitigate this problem, various techniques have been adopted, machine learning is one of them. The main objective of this paper is to predict the severity of software vulnerabilities using a random forest regressor algorithm. To evaluate the performance, two other machine learning algorithms are also implemented for the same task. A dataset of the National Vulnerabilities database is used for the present work. The efficacy of the models has been evaluated and compared using four different performance metrics namely mean absolute error, mean square error, root mean square error, and R2 score. Random forest regressor performed the best out of the applied machine learning algorithms with a root mean square error of 0.01945.