Published: July 25, 2017
Author(s)
Richard Kuhn (NIST), M S Raunak (Loyola University Maryland), Raghu Kacker (NIST)
Conference
Name: 2017 IEEE International Conference on Software Quality Reliability and Security (QRS-C 2017)
Dates: 07/25/2017 - 07/29/2017
Location: Prague, Czech Republic
Citation: Proceedings. 2017 IEEE International Conference on Software Quality, Reliability and Security (Companion Volume) (QRS-C 2017), pp. 587-588
Computer security has been a subject of serious study for at least 40 years, and a steady stream of innovations has improved our ability to protect networks and applications. But attackers have adapted and changed methods over the years as well. Where do we stand today in the battle between attackers and defenders? Are attackers gaining ground, as it often seems when reading press accounts of the latest data exposure? This analysis seeks to answer these questions using data from the US National Vulnerability Database (NVD), and to identify classes of vulnerabilities where improvements will be most cost effective.
Computer security has been a subject of serious study for at least 40 years, and a steady stream of innovations has improved our ability to protect networks and applications. But attackers have adapted and changed methods over the years as well. Where do we stand today in the battle between...
See full abstract
Computer security has been a subject of serious study for at least 40 years, and a steady stream of innovations has improved our ability to protect networks and applications. But attackers have adapted and changed methods over the years as well. Where do we stand today in the battle between attackers and defenders? Are attackers gaining ground, as it often seems when reading press accounts of the latest data exposure? This analysis seeks to answer these questions using data from the US National Vulnerability Database (NVD), and to identify classes of vulnerabilities where improvements will be most cost effective.
Hide full abstract
Keywords
cybersecurity; National Vulnerability Database; vulnerabilities
Control Families
None selected
