Exploit Probabilities Conditioned on CVSS Scores

Abstract

We present data-driven results that probe the relationship between the existence of cyber exploits - a stand-in for threat assessment - with CVSS scores, which are a particular metric of cyber vulnerability. Initial results indicate a roughly power-law relationship with an exponent of 7:5 plus or minus 1:4, rising to a maximum of about 9 percent for vulnerabilities with the most severe (highest) CVSS scores.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Nov 04, 2016
Accession Number
AD1098014

Entities

People

  • A. B. Wollaber
  • P. C. Trepagnier

Organizations

  • MIT Lincoln Laboratory

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force
  • Curve Fitting
  • Data Science
  • Databases
  • Governments
  • Information Science
  • Information Systems
  • Massachusetts
  • Materials
  • Probability
  • Standards
  • Statistical Analysis
  • Threat Evaluation
  • Threats
  • Vulnerability

Readers

  • Atmospheric Science/Meteorology
  • Cybersecurity.
  • Statistical inference.

Technology Areas

  • Cyber