Title

Poster: Understanding The Hidden Cost Of Software Vulnerabilities: Measurements And Predictions

Keywords

NVD; Prediction; Vulnerability Economics

Abstract

In this work, we study the hidden cost of software vulnerabilities reported in the National Vulnerability Database (NVD) through stock price analysis. We perform a high-fidelity data augmentation to ensure data reliability for estimating vulnerability disclosure dates as a baseline for assessing software vulnerabilities' implication. We further build a model for stock price prediction using the NARX Neural Network model to estimate the effect of vulnerability disclosure on the stock price. Compared to prior work, which relies on linear regression models, our approach is shown to provide better accuracy. Our analysis shows that the effect of vulnerabilities on vendors varies, and greatly depends on the specific industry.

Publication Date

5-29-2018

Publication Title

ASIACCS 2018 - Proceedings of the 2018 ACM Asia Conference on Computer and Communications Security

Number of Pages

793-795

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1145/3196494.3201580

Socpus ID

85049155661 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85049155661

This document is currently not available here.

Share

COinS