Large-Scale Empirical Study of Important Features Indicative of Discovered Vulnerabilities to Assess Application Security

Existing research on vulnerability discovery models shows that the existence of vulnerabilities inside an application may be linked to certain features, e.g., size or complexity, of that application. However, the applicability of such features to demonstrate the relative security between two applica...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security 2019-09, Vol.14 (9), p.2315-2330
Main Authors: Mengyuan Zhang, de Carne de Carnavalet, Xavier, Lingyu Wang, Ragab, Ahmed
Format: Article
Language:English
Subjects:
Complexity
Complexity theory
Correlation
Correlation analysis
Feature extraction
Machine learning
Measurement
Predictive models
Security
Software
software security
Software vulnerability analysis
Vulnerability
vulnerability discovery model
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Existing research on vulnerability discovery models shows that the existence of vulnerabilities inside an application may be linked to certain features, e.g., size or complexity, of that application. However, the applicability of such features to demonstrate the relative security between two applications is not well studied, which may depend on multiple factors in a complex way. In this paper, we perform the first large-scale empirical study of the correlation between various features of applications and the abundance of vulnerabilities. Unlike existing work, which typically focuses on one particular application, resulting in limited successes, we focus on the more realistic issue of assessing the relative security level among different applications. To the best of our knowledge, this is the most comprehensive study of 780 real-world applications involving 6498 vulnerabilities. We apply seven feature selection methods to nine feature subsets selected among 34 collected features, which are then fed into six types of machine learning models, producing 523 estimations. The predictive power of important features is evaluated using four different performance measures. This paper reflects that the complexity of applications is not the only factor in vulnerability discovery and the human-related factors contribute to explaining the number of discovered vulnerabilities in an application.
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2019.2895963