| Title |
Evaluation of vulnerability inventories using a classification algorithm / |
| Translation of Title |
Pažeidžiamumo aprašų vertinimas naudojant klasifikavimo algoritmą. |
| Authors |
Čižikovas, Arnas |
| Full Text |
|
| Pages |
40 |
| Keywords [eng] |
CVE, CWE, CVSS, Random Forest Classifier, SVC, Logistic Regression Classifier, CVE, CWE, CVSS, Atsitiktiniu˛ mišku˛ klasifikavimas, Palaikomu˛ju˛ vektoriu˛ klasifikatorius, Logistinės regresijos klasifikatorius. |
| Abstract [eng] |
Cybersecurity vulnerabilities pose a significant threat to organisations, so it is essential to iden- tify and prioritise them to mitigate potential risks. Newly emerging breaches are classified slowly, yet they keep increasing every year. Treat assessment is an extraordinarily long and complex pro- cess, and it can take months to start taking adequate measures to protect against cyber attacks. This study compares classification algorithms for vulnerability inventories using the Common Vulnerabilities and Exposures (CVE), the Common Weakness Enumeration (CWE), and the Com- mon Vulnerability Scoring System (CVSS). We compare and contrast the CVEs, CWEs, and CVSSs to evaluate the performance of different classification algorithms in classifying CVEs by their CWE mapping and their Common Vulnerability Scoring System (CVSS) vectors. The research provides a broader overview of the fundamental concepts of CVE, CWE, and CVSS, their differences and applicability, how they relate, and how they are interrelated. The analysis aims to identify the optimal methods for developing a new classification algorithm faster and more accurately than ex- isting algorithms and methodologies. This study contributes to developing automated vulnerability assessment and prioritisation methods to help organisations improve their cybersecurity posture. |
| Dissertation Institution |
Vilniaus universitetas. |
| Type |
Master thesis |
| Language |
English |
| Publication date |
2025 |
