International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Modeling of a Software Vulnerability Identification Method

  • Received : 2021.09.05
  • Published : 2021.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

Software vulnerabilities are becoming more and more increasing, their role is to harm the computer systems of companies, governmental organizations and agencies. The main objective of this paper is to propose a method that will cluster future software vulnerabilities that may spread. This method is developed by combining the Multiple Correspondence Analysis (MCA), the Elbow procedure and the Kmeans Algorithm. A simulation was done on a dataset of 15713 observations. This simulation allowed us to identify families of future vulnerabilities. This model was evaluated using the silhouette index.

Keywords

References

  1. Peter Mell, Karen Scarfone, et Carnegie Mellon, ≪A Complete Guide to the Common Vulnerability Scoring System Version 2.0≫, 2007. https://www.first.org/cvss/v2/guide
  2. Mike Schiffman et Cisco CIAG, ≪Guide complet du CVSS v1≫, 2005.
  3. Wikistat, ≪Analyse factorielle multiple des correspondances (AFCM)≫. 2016.Disponible sur: https://www.math.univtoulouse.fr/~besse/Wikistat/pdf/st-m-explo-afcm.pdf
  4. G.Schaffrath et al, ≪An Overview of IP Flow-Based Intrusion Detection Communications Surveys & Tutorials≫, IEEE, 2010.
  5. Zhengjie Li et al, ≪Anomaly Intrusion Detection Method Based on K-means Clustering Algorithm with Particle Swarm Optimization,≫, International Conference of Information Technology, Computer Engineering and Management Sciences, 2011.
  6. K. Kumar et al, ≪≪Identifying Network Anomalies Using Clustering Technique in Weblog Data,≫, International Journal of Computers & Technology, , vol. 2 , n° %13, juin 2012.
  7. C. Gupta, A. Sinhal, et R. Kamble, ≪Intrusion Detection based on K-Means Clustering and Ant Colony Optimization: A Survey≫, IJCA, vol. 79, n° 6, p. 30-35, oct. 2013, doi: 10.5120/13747-1555.