Abstract
Cyber-attacks are launched through the exploitation of some existing vulnerabilities in the software, hardware, system and/or network. Machine learning algorithms can be used to forecast the number of post release vulnerabilities. Traditional neural networks work like a black box approach; hence it is unclear how reasoning is used in utilizing past data points in inferring the subsequent data points. However, the long short-term memory network (LSTM), a variant of the recurrent neural network, is able to address this limitation by introducing a lot of loops in its network to retain and utilize past data points for future calculations. Moving on from the previous finding, we further enhance the results to predict the number of vulnerabilities by developing a time series-based sequential model using a long short-term memory neural network. Specifically, this study developed a supervised machine learning based on the non-linear sequential time series forecasting model with a long short-term memory neural network to predict the number of vulnerabilities for three vendors having the highest number of vulnerabilities published in the national vulnerability database (NVD), namely microsoft, IBM and oracle. Our proposed model outperforms the existing models with a prediction result root mean squared error (RMSE) of as low as 0.072.
| Original language | English |
|---|---|
| Pages (from-to) | 4381-4391 |
| Number of pages | 11 |
| Journal | International Journal of Electrical and Computer Engineering |
| Volume | 11 |
| Issue number | 5 |
| DOIs | |
| Publication status | Published - Oct 2021 |
| Externally published | Yes |
Keywords
- Information security
- Long short-term memory network
- Recurrent neural network
- Supervised machine learning
- Threat intelligence
- Time series
- Vulnerability prediction model
ASJC Scopus subject areas
- General Computer Science
- Electrical and Electronic Engineering