CVE Based Classification of Vulnerable IoT Systems
Grzegorz J. Blinowski , Paweł Piotrowski
AbstractCommon Vulnerabilities and Exposures database (CVE) is one of the largest publicly available source of software and hardware vulnerability data and reports. In this work we analyze the CVE database in the context of IoT device and system vulnerabilities. We introduce a real-world based classification of IoT systems. Then, we employ a SVM algorithm on selected subset of CVE database to classify “new” vulnerability records in this framework. The subset of interest consists of records that describe vulnerabilities of potential IoT devices of different applications, such as: home, industry, mobile controllers, networking, etc. The purpose of the classification is to develop and test an automatic system for recognition of vulnerable IoT devices and to test completes, sufficiency and reliability of CVE data in this respect.
|Publication size in sheets||0.55|
|Book||Zamojski Wojciech, Mazurkiewicz Jacek, Sugier Jarosław, Walkowiak Tomasz, Kacprzyk Janusz (eds.): Theory and Applications of Dependable Computer Systems. Proceedings of the Fifteenth International Conference on Dependability of Computer Systems DepCoS-RELCOMEX, Advances in Intelligent Systems and Computing, vol. 1173, 2020, Cham, Springer, ISBN 978-3-030-48255-8, [978-3-030-48256-5], 713 p., DOI:10.1007/978-3-030-48256-5|
|Score||= 40.0, 15-07-2020, ChapterFromConference|
|Publication indicators||= 0|
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.