CVE Based Classification of Vulnerable IoT Systems
Authors:
- Grzegorz J. Blinowski,
- Paweł Piotrowski
Abstract
Common Vulnerabilities and Exposures database (CVE) is one of the largest publicly available source of software and hardware vulnerability data and reports. In this work we analyze the CVE database in the context of IoT device and system vulnerabilities. We introduce a real-world based classification of IoT systems. Then, we employ a SVM algorithm on selected subset of CVE database to classify “new” vulnerability records in this framework. The subset of interest consists of records that describe vulnerabilities of potential IoT devices of different applications, such as: home, industry, mobile controllers, networking, etc. The purpose of the classification is to develop and test an automatic system for recognition of vulnerable IoT devices and to test completes, sufficiency and reliability of CVE data in this respect.
- Record ID
- WUT8c78f69c68144882a0c73e03dec70fcf
- Author
- Pages
- 82-93
- Publication size in sheets
- 0.55
- Book
- Zamojski Wojciech, Wojciech Zamojski Mazurkiewicz Jacek, Jacek Mazurkiewicz Sugier Jarosław Jarosław Sugier [et al.] (eds.): Theory and Applications of Dependable Computer Systems. Proceedings of the Fifteenth International Conference on Dependability of Computer Systems DepCoS-RELCOMEX, Advances in Intelligent Systems and Computing, vol. 1173, 2020, Cham, Springer, 713 p., ISBN 978-3-030-48255-8. DOI:10.1007/978-3-030-48256-5 Opening in a new tab
- DOI
- DOI:10.1007/978-3-030-48256-5_9 Opening in a new tab
- URL
- https://link.springer.com/chapter/10.1007/978-3-030-48256-5_9 Opening in a new tab
- Language
- (en) English
- Score (nominal)
- 40
- Score source
- conferenceList
- Score
- = 40.0, 06-05-2022, ChapterFromConference
- Publication indicators
- = 6
- Uniform Resource Identifier
- https://repo.pw.edu.pl/info/article/WUT8c78f69c68144882a0c73e03dec70fcf/
- URN
urn:pw-repo:WUT8c78f69c68144882a0c73e03dec70fcf
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or PerishOpening in a new tab system.