CVE Based Classification of Vulnerable IoT Systems

Grzegorz J. Blinowski , Paweł Piotrowski

Abstract

Common Vulnerabilities and Exposures database (CVE) is one of the largest publicly available source of software and hardware vulnerability data and reports. In this work we analyze the CVE database in the context of IoT device and system vulnerabilities. We introduce a real-world based classification of IoT systems. Then, we employ a SVM algorithm on selected subset of CVE database to classify “new” vulnerability records in this framework. The subset of interest consists of records that describe vulnerabilities of potential IoT devices of different applications, such as: home, industry, mobile controllers, networking, etc. The purpose of the classification is to develop and test an automatic system for recognition of vulnerable IoT devices and to test completes, sufficiency and reliability of CVE data in this respect.
Author Grzegorz J. Blinowski (FEIT / IN)
Grzegorz J. Blinowski,,
- The Institute of Computer Science
, Paweł Piotrowski (FEIT / ICS)
Paweł Piotrowski,,
- The Institute of Computer Science
Pages82-93
Publication size in sheets0.55
Book Zamojski Wojciech, Mazurkiewicz Jacek, Sugier Jarosław, Walkowiak Tomasz, Kacprzyk Janusz (eds.): Theory and Applications of Dependable Computer Systems. Proceedings of the Fifteenth International Conference on Dependability of Computer Systems DepCoS-RELCOMEX, Advances in Intelligent Systems and Computing, vol. 1173, 2020, Cham, Springer, ISBN 978-3-030-48255-8, [978-3-030-48256-5], 713 p., DOI:10.1007/978-3-030-48256-5
DOIDOI:10.1007/978-3-030-48256-5_9
URL https://link.springer.com/chapter/10.1007/978-3-030-48256-5_9
Languageen angielski
Score (nominal)40
Score sourceconferenceList
ScoreMinisterial score = 40.0, 15-07-2020, ChapterFromConference
Publication indicators Scopus Citations = 0
Citation count*
Cite
Share Share

Get link to the record


* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.
Back
Confirmation
Are you sure?