We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.SE

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Software Engineering

Title: A Survey on Data-driven Software Vulnerability Assessment and Prioritization

Abstract: Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security risks to many software systems. Given the limited resources in practice, SV assessment and prioritization help practitioners devise optimal SV mitigation plans based on various SV characteristics. The surges in SV data sources and data-driven techniques such as Machine Learning and Deep Learning have taken SV assessment and prioritization to the next level. Our survey provides a taxonomy of the past research efforts and highlights the best practices for data-driven SV assessment and prioritization. We also discuss the current limitations and propose potential solutions to address such issues.
Comments: Accepted for publication in the ACM Computing Surveys journal (CSUR), 2022
Subjects: Software Engineering (cs.SE); Artificial Intelligence (cs.AI); Cryptography and Security (cs.CR); Machine Learning (cs.LG)
Cite as: arXiv:2107.08364 [cs.SE]
  (or arXiv:2107.08364v4 [cs.SE] for this version)

Submission history

From: Triet Le [view email]
[v1] Sun, 18 Jul 2021 04:49:22 GMT (220kb,D)
[v2] Sun, 25 Jul 2021 05:28:28 GMT (220kb,D)
[v3] Mon, 14 Feb 2022 05:31:30 GMT (226kb,D)
[v4] Mon, 4 Apr 2022 01:23:13 GMT (227kb,D)

Link back to: arXiv, form interface, contact.