Title: A Survey on the State of the Art of Vulnerability Assessment Techniques
Authors: Eva Sotos Martínez, Nora M. Villanueva ,Lilian Adkinson Orellana
Document type: Publication in Conference proceedings
Publication info: CISIS 2021 Conference http://2021.cisisconference.eu/
14th International Conference on Computational Intelligence in Security for Information Systems and 12th International Conference on European Transnational Educational (CISIS 2021 and ICEUTE 2021). CISIS – ICEUTE 2021. Advances in Intelligent Systems and Computing, vol 1400. 22 September 2021
A suitable vulnerability assessment process improves the overall security of an organization, and therefore, reduces the chances that an attacker could breach the IT system. The detection of vulnerabilities is one of the first steps in software security lifecycle, but in some cases, it is not enough. Understanding how a vulnerability can affect the rest of the system as well as forecasting its exploitability are important issues when assessing its real impact. Under this premise, this paper presents an overview of the state of the art, including different approaches related to the detection, forecasting and propagation of vulnerabilities in software, focusing mainly on Machine Learning and Data Mining techniques.