当前位置: X-MOL 学术Sustain. Comput. Inform. Syst. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Time series forecast modeling of vulnerabilities in the android operating system using ARIMA and deep learning methods
Sustainable Computing: Informatics and Systems ( IF 3.8 ) Pub Date : 2021-01-14 , DOI: 10.1016/j.suscom.2021.100515
Kerem Gencer , Fatih Başçiftçi

Security vulnerability prediction models allow estimation of the number of potential vulnerabilities and evaluation of the risks caused by these vulnerabilities. In particular, for modeling the vulnerabilities that may occur in software versions over time, it is appropriate to take the necessary countermeasures. These models are crucial in areas such as determining the number of resources required to cope with security vulnerabilities. These reported vulnerabilities, we anticipate the actions of OS companies to make strategic and operational decisions such as secure deployment. The operating system includes backup provisioning, disaster recovery. Although many vulnerability predictions models have been constructed, most of these are for operating systems and internet browsers, and non-exist for the Android mobile operating system, which has the highest number of users. In contrast to other studies, the present study investigated Android vulnerabilities that directly depend on time. Time series, multilayer perceptron (MLP), convolutional neural network (CNN), long short term memory (LSTM), Convolutional LSTM (ConvLSTM) and CNN-LSTM based models were generated, and the best model, providing the lowest error rates for the prediction of future security vulnerabilities, was selected. Data for the creation of the models were obtained by filtering security vulnerabilities published in the National Vulnerability Database (NVD) using the keyword Android. It was observed that the LSTM model has an error rate of 26.830 and the ARIMA model has an error rate of 18.449. Finally, it has been determined that LSTM based algorithms reach error rates that can compete with classical time series models despite limited data.



中文翻译:

使用ARIMA和深度学习方法对Android操作系统中的漏洞进行时间序列预测建模

安全漏洞预测模型允许估算潜在漏洞的数量,并评估由这些漏洞引起的风险。特别是,为了对随着时间的推移软件版本中可能出现的漏洞建模,采取必要的对策是适当的。这些模型在诸如确定应对安全漏洞所需的资源数量等领域至关重要。这些漏洞已报告,我们预计操作系统公司将采取行动来制定战略和运营决策,例如安全部署。该操作系统包括备份配置,灾难恢复。尽管已经构建了许多漏洞预测模型,但是其中大多数模型用于操作系统和互联网浏览器,而对于Android移动操作系统则不存在,用户数量最多。与其他研究相反,本研究调查了直接依赖于时间的Android漏洞。生成了基于时间序列,多层感知器(MLP),卷积神经网络(CNN),长期短期记忆(LSTM),基于卷积LSTM(ConvLSTM)和CNN-LSTM的模型,而最佳模型则为该模型提供了最低的错误率选择了对未来安全漏洞的预测。用于创建模型的数据是通过过滤使用关键字Android的国家漏洞数据库(NVD)中发布的安全漏洞而获得的。观察到LSTM模型的错误率为26.830,ARIMA模型的错误率为18.449。最后,

更新日期:2021-01-28
down
wechat
bug