VEST: A system for vulnerability exploit scoring & timing

Haipeng Chen, Jing Liu, Rui Liu, Noseong Park, V. S. Subrahmanian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Knowing if/when a cyber-vulnerability will be exploited and how severe the vulnerability is can help enterprise security officers (ESOs) come up with appropriate patching schedules. Today, this ability is severely compromised: our study of data from MITRE and NIST shows that on average there is a 132 day gap between the announcement of a vulnerability by MITRE and the time NIST provides an analysis with severity score estimates and 8 important severity attributes. Many attacks happen during this very 132-day window. We present Vulnerability Exploit Scoring & Timing (VEST), a system for (early) prediction and visualization of if/when a vulnerability will be exploited, and its estimated severity attributes and score.

Original languageEnglish
Title of host publicationProceedings of the 28th International Joint Conference on Artificial Intelligence, IJCAI 2019
EditorsSarit Kraus
PublisherInternational Joint Conferences on Artificial Intelligence
Pages6503-6505
Number of pages3
ISBN (Electronic)9780999241141
Publication statusPublished - 2019 Jan 1
Event28th International Joint Conference on Artificial Intelligence, IJCAI 2019 - Macao, China
Duration: 2019 Aug 102019 Aug 16

Publication series

NameIJCAI International Joint Conference on Artificial Intelligence
Volume2019-August
ISSN (Print)1045-0823

Conference

Conference28th International Joint Conference on Artificial Intelligence, IJCAI 2019
CountryChina
CityMacao
Period19/8/1019/8/16

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Artificial Intelligence

Cite this

Chen, H., Liu, J., Liu, R., Park, N., & Subrahmanian, V. S. (2019). VEST: A system for vulnerability exploit scoring & timing. In S. Kraus (Ed.), Proceedings of the 28th International Joint Conference on Artificial Intelligence, IJCAI 2019 (pp. 6503-6505). (IJCAI International Joint Conference on Artificial Intelligence; Vol. 2019-August). International Joint Conferences on Artificial Intelligence.