%0 Journal Article
%T Cyber Security: Nonlinear Stochastic Models for Predicting the Exploitability
%A Sasith M. Rajasooriya
%A Chris. P. Tsokos
%A Pubudu Kalpani Kaluarachchi
%J Journal of Information Security
%P 125-140
%@ 2153-1242
%D 2017
%I Scientific Research Publishing
%R 10.4236/jis.2017.82009
%X Obtaining complete information regarding discovered vulnerabilities looks extremely difficult. Yet, developing statistical models requires a great deal of such complete information about the vulnerabilities. In our previous studies, we introduced a new concept of ¡°Risk Factor¡± of vulnerability which was calculated as a function of time. We introduced the use of Markovian approach to estimate the probability of a particular vulnerability being at a particular ¡°state¡± of the vulnerability life cycle. In this study, we further develop our models, use available data sources in a probabilistic foundation to enhance the reliability and also introduce some useful new modeling strategies for vulnerability risk estimation. Finally, we present a new set of Non-Linear Statistical Models that can be used in estimating the probability of being exploited as a function of time. Our study is based on the typical security system and vulnerability data that are available. However, our methodology and system structure can be applied to a specific security system by any software engineer and using their own vulnerabilities to obtain their probability of being exploited as a function of time. This information is very important to a company¡¯s security system in its strategic plan to monitor and improve its process for not being exploited.
%K Vulnerability Lifecycle
%K Stochastic Modeling
%K Security Risk Factor
%K Markov Process
%K Risk Evaluation
%U http://www.scirp.org/journal/PaperInformation.aspx?PaperID=75816