TY - GEN
T1 - Ontology-Driven Framework for Trend Analysis of Vulnerabilities and Impacts in IoT Hardware
AU - Bandi, Charan
AU - Salehi, Soheil
AU - Hassan, Rakibul
AU - Manoj, Sai
AU - Homayoun, Houman
AU - Rafatirad, Setareh
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/1
Y1 - 2021/1
N2 - The number of publicly known cyber-security vulnerabilities submitted to the National Vulnerability Database (NVD) has increased significantly. However, it is cumbersome to explore useful information from this large corpus of unstructured data to find meaningful trends over time without proper tools. Prior works with this purpose have mainly focused on the software vulnerabilities and fail to provide a storytelling framework that can extract useful information about the relationship and trends within the CVE and CWE databases over time. Additionally, hardware attacks on IoT devices are evolving very rapidly due to the recent proliferation of computing devices in mobile and IoT domains. Thus, herein, we focus on IoT hardware vulnerabilities and develop an Ontology-driven Storytelling Framework (OSF) which aims to identify similar patterns of vulnerabilities over time, to help mitigate the impacts of vulnerabilities or predict and prevent future vulnerabilities.
AB - The number of publicly known cyber-security vulnerabilities submitted to the National Vulnerability Database (NVD) has increased significantly. However, it is cumbersome to explore useful information from this large corpus of unstructured data to find meaningful trends over time without proper tools. Prior works with this purpose have mainly focused on the software vulnerabilities and fail to provide a storytelling framework that can extract useful information about the relationship and trends within the CVE and CWE databases over time. Additionally, hardware attacks on IoT devices are evolving very rapidly due to the recent proliferation of computing devices in mobile and IoT domains. Thus, herein, we focus on IoT hardware vulnerabilities and develop an Ontology-driven Storytelling Framework (OSF) which aims to identify similar patterns of vulnerabilities over time, to help mitigate the impacts of vulnerabilities or predict and prevent future vulnerabilities.
KW - Common Vulnerability and Exposure (CVE)
KW - Common Weakness Enumeration (CWE)
KW - Hardware Vulnerability
KW - Internet of Things (IoT)
KW - National Vulnerability Database (NVD)
KW - Natural Language Processing (NLP)
KW - Ontology Learning
UR - https://www.scopus.com/pages/publications/85102643839
UR - https://www.scopus.com/pages/publications/85102643839#tab=citedBy
U2 - 10.1109/ICSC50631.2021.00045
DO - 10.1109/ICSC50631.2021.00045
M3 - Conference contribution
AN - SCOPUS:85102643839
T3 - Proceedings - 2021 IEEE 15th International Conference on Semantic Computing, ICSC 2021
SP - 211
EP - 214
BT - Proceedings - 2021 IEEE 15th International Conference on Semantic Computing, ICSC 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 15th IEEE International Conference on Semantic Computing, ICSC 2021
Y2 - 27 January 2021 through 29 January 2021
ER -