Forecasting Cyber Vulnerabilities: A Critical Analysis of ARIMA Models’ Efficacy and Efficiency
摘要
Given the increasing intricacy of cyber attacks, it is crucial to anticipate security vulnerabilities to implement proactive defensive tactics precisely. This study provides a comprehensive examination of the efficacy and efficiency of the Autoregressive Integrated Moving Average (ARIMA) model for forecasting trends in security vulnerabilities. The objective of this research is not to propose or present revolutionary solutions but to contribute a rigorous evaluation of ARIMA’s applicability in this domain. The data is sourced from an open-access Common Vulnerabilities and Exposures (CVE) dataset, encompassing nearly a decade of information. Our analysis focuses on 16 specific vulnerabilities using Common Weakness Enumeration (CWE) keywords, including SQL injection, cross-site scripting (XSS), and buffer overflow, with an emphasis on tracking and forecasting their occurrences. We rigorously evaluate the accuracy of the ARIMA model’s predictions by comparing them with actual observed data from 2023. The evaluation primarily assesses the model’s capacity to predict each type of vulnerability’s incidence rate, highlighting its strengths and limitations. Our findings illustrate the correlation between expected and actual events, demonstrating the model’s ability to capture the dynamic nature of cybersecurity vulnerabilities. This paper contributes to the field by providing empirical evidence of the efficacy of statistical model-based time-series forecasting in cybersecurity. It also suggests improvements for predictive models and advocates for integrating predictive analytics into cybersecurity strategies.