A Look at the Time Delays in CVSS Vulnerability Scoring
| dc.contributor.author | Jukka Ruohonen | |
| dc.contributor.organization | fi=ohjelmistotekniikka|en=Software Engineering| | |
| dc.contributor.organization-code | 2610302 | |
| dc.converis.publication-id | 27791900 | |
| dc.converis.url | https://research.utu.fi/converis/portal/Publication/27791900 | |
| dc.date.accessioned | 2022-10-27T12:15:15Z | |
| dc.date.available | 2022-10-27T12:15:15Z | |
| dc.description.abstract | <p>This empirical paper examines the time delays that occur between the publication of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS) information attached to published CVEs. According to the empirical results based on regularized regression analysis of over eighty thousand archived vulnerabilities, (i) the CVSS content does not statistically influence the time delays, which, however, (ii) are strongly affected by a decreasing annual trend. In addition to these results, the paper contributes to the empirical research tradition of software vulnerabilities by a couple of insights on misuses of statistical methodology.<br /></p> | |
| dc.identifier.eissn | 2210-8327 | |
| dc.identifier.jour-issn | 2210-8327 | |
| dc.identifier.olddbid | 174239 | |
| dc.identifier.oldhandle | 10024/157333 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/34062 | |
| dc.identifier.url | https://www.sciencedirect.com/science/article/pii/S2210832717302995 | |
| dc.identifier.urn | URN:NBN:fi-fe2021042717656 | |
| dc.language.iso | en | |
| dc.okm.affiliatedauthor | Ruohonen, Jukka | |
| dc.okm.discipline | 113 Computer and information sciences | en_GB |
| dc.okm.discipline | 113 Tietojenkäsittely ja informaatiotieteet | fi_FI |
| dc.okm.internationalcopublication | not an international co-publication | |
| dc.okm.internationality | International publication | |
| dc.okm.type | A1 ScientificArticle | |
| dc.publisher | Elsevier | |
| dc.publisher.country | Netherlands | en_GB |
| dc.publisher.country | Alankomaat | fi_FI |
| dc.publisher.country-code | NL | |
| dc.relation.doi | 10.1016/j.aci.2017.12.002 | |
| dc.relation.ispartofjournal | Applied Computing and Informatics | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/157333 | |
| dc.title | A Look at the Time Delays in CVSS Vulnerability Scoring | |
| dc.year.issued | 2017 |
Tiedostot
1 - 1 / 1
Ladataan...
- Name:
- 1801.00938.pdf
- Size:
- 737.78 KB
- Format:
- Adobe Portable Document Format
- Description:
- Final draft