Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

How to Predict Which Vulnerabilities Will Be Exploited - Tudor Dumitras - USENIX Enigma Conference - 2019

USENIX Enigma Conference via YouTube

Overview

Explore the intricacies of predicting software vulnerability exploitation in this 21-minute conference talk from USENIX Enigma 2019. Delve into research findings based on data from 10 million hosts, uncovering insights on global vulnerability impact and exploitation trends. Learn about the decreasing fraction of exploited vulnerabilities despite their growing discovery rate, and understand why popular vulnerability metrics like CVSS scores poorly correlate with real-world exploits. Discover how combining technical vulnerability characteristics, social media information, and patching rates can create predictive models for assessing exploitation risks. Gain valuable knowledge on objectively evaluating defensive technologies, determining biggest security risks, and applying data-driven approaches to cybersecurity decision-making and policy formulation.

Syllabus

Intro
How Do You Give Security Advice?
To Patch or Not To Patch?
Can We Predict Exploits?
Must Validate Predictions-Exploits in the Wild
Machine Learning and Security Predictions
Prediction With Intrinsic Features
What Are We Predicting?
Intuition: CVE-2017-0144
Mining Twitter to predict Exploitation
Predicting Exploits in the Wild
Did We Get Lucky?
Time to Patch 50% of Vulnerable Hosts
One Vulnerability, Different Patches
Patching Patterns As Risk Factors
#3. Prediction Performance
What You Can Do Today
What You Can Do Tomorrow

Taught by

USENIX Enigma Conference

Reviews

Start your review of How to Predict Which Vulnerabilities Will Be Exploited - Tudor Dumitras - USENIX Enigma Conference - 2019

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.