Given the increasing intricacy of cyber attacks, it is crucial to anticipate security vulnerabilities to implement proactive defensive tactics precisely. This study provides a comprehensive examination of the efficacy and efficiency of the Autoregressive Integrated Moving Average (ARIMA) model for forecasting trends in security vulnerabilities. The objective of this research is not to propose or present revolutionary solutions but to contribute a rigorous evaluation of ARIMA’s applicability in this domain. The data is sourced from an open-access Common Vulnerabilities and Exposures (CVE) dataset, encompassing nearly a decade of information. Our analysis focuses on 16 specific vulnerabilities using Common Weakness Enumeration (CWE) keywords, including SQL injection, cross-site scripting (XSS), and buffer overflow, with an emphasis on tracking and forecasting their occurrences. We rigorously evaluate the accuracy of the ARIMA model’s predictions by comparing them with actual observed data from 2023. The evaluation primarily assesses the model’s capacity to predict each type of vulnerability’s incidence rate, highlighting its strengths and limitations. Our findings illustrate the correlation between expected and actual events, demonstrating the model’s ability to capture the dynamic nature of cybersecurity vulnerabilities. This paper contributes to the field by providing empirical evidence of the efficacy of statistical model-based time-series forecasting in cybersecurity. It also suggests improvements for predictive models and advocates for integrating predictive analytics into cybersecurity strategies.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Forecasting Cyber Vulnerabilities: A Critical Analysis of ARIMA Models’ Efficacy and Efficiency

  • N. H. M. Arafat,
  • Weiqing Sun

摘要

Given the increasing intricacy of cyber attacks, it is crucial to anticipate security vulnerabilities to implement proactive defensive tactics precisely. This study provides a comprehensive examination of the efficacy and efficiency of the Autoregressive Integrated Moving Average (ARIMA) model for forecasting trends in security vulnerabilities. The objective of this research is not to propose or present revolutionary solutions but to contribute a rigorous evaluation of ARIMA’s applicability in this domain. The data is sourced from an open-access Common Vulnerabilities and Exposures (CVE) dataset, encompassing nearly a decade of information. Our analysis focuses on 16 specific vulnerabilities using Common Weakness Enumeration (CWE) keywords, including SQL injection, cross-site scripting (XSS), and buffer overflow, with an emphasis on tracking and forecasting their occurrences. We rigorously evaluate the accuracy of the ARIMA model’s predictions by comparing them with actual observed data from 2023. The evaluation primarily assesses the model’s capacity to predict each type of vulnerability’s incidence rate, highlighting its strengths and limitations. Our findings illustrate the correlation between expected and actual events, demonstrating the model’s ability to capture the dynamic nature of cybersecurity vulnerabilities. This paper contributes to the field by providing empirical evidence of the efficacy of statistical model-based time-series forecasting in cybersecurity. It also suggests improvements for predictive models and advocates for integrating predictive analytics into cybersecurity strategies.