Measuring the Exploitation of Weaknesses in the Wild


Bibliographic Details
Published in: IT Professional, Vol. 26, no. 3, pp. 14-21
Main Authors: Peter Mell, Irena Bojanova, Carlos Galhardo
Format: Journal Article
Language: English
Published: Washington, IEEE, 01.05.2024
Publisher: IEEE Computer Society

Summary: Identifying the software weaknesses exploited by attacks supports efforts to reduce developer introduction of vulnerabilities and to guide security code review efforts. A weakness is a bug or fault type that can be exploited through an operation that results in a security-relevant error. Ideally, the security community would measure the prevalence of the software weaknesses used in actual exploitation. This work advances that goal by introducing a simple metric that utilizes public data feeds to determine the probability of a weakness being exploited in the wild for any 30-day window. The metric is evaluated on a set of 130 weaknesses that were commonly found in vulnerabilities between April 2021 and March 2024. Our analysis reveals that 92% of the weaknesses are not being constantly exploited.
ISSN: 1520-9202, 1941-045X
DOI: 10.1109/MITP.2024.3399485
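The summary states that the metric uses public data feeds to give the probability of a weakness being exploited in the wild in any 30-day window, but the page does not state how that probability is computed. The Python below is an added example, not the authors' code, and implements one plausible reading of such a metric: the fraction of all 30-day windows inside a study period that contain at least one report of a vulnerability of that weakness type being exploited in the wild. Under this reading, "constantly exploited" means the fraction is exactly 1.0. The weakness labels, event dates and study period are constructed sample data; a real run would replace SAMPLE_EVENTS with CVE-to-CWE mappings (for example from NVD) joined to first-reported exploitation dates from a feed such as CISA's Known Exploited Vulnerabilities catalog. Whether that is the paper's definition is an assumption.

```python
from datetime import date, timedelta

WINDOW_DAYS = 30

# Constructed sample data, not real exploitation records: each tuple is a
# weakness label and the date a public feed first reported a vulnerability
# of that weakness type as exploited in the wild.
SAMPLE_EVENTS = [
    ("CWE-A", date(2023, 1, 5)),
    ("CWE-A", date(2023, 1, 20)),
    ("CWE-A", date(2023, 2, 14)),
    ("CWE-A", date(2023, 3, 10)),
    ("CWE-B", date(2023, 2, 1)),
    ("CWE-C", date(2023, 1, 15)),
    ("CWE-C", date(2023, 3, 25)),
]

# Constructed study period (inclusive on both ends).
STUDY_START = date(2023, 1, 1)
STUDY_END = date(2023, 3, 31)


def window_starts(start, end, window=WINDOW_DAYS):
    """Yield the first day of every full `window`-day span that fits in [start, end]."""
    last_start = end - timedelta(days=window - 1)
    d = start
    while d <= last_start:
        yield d
        d += timedelta(days=1)


def exploitation_probability(events, weakness, start, end, window=WINDOW_DAYS):
    """Fraction of `window`-day spans in [start, end] that contain at least one
    exploitation event for `weakness`. Events are sorted once and consumed with a
    single forward pointer, since window start dates only move forward."""
    dates = sorted(d for w, d in events if w == weakness and start <= d <= end)
    starts = list(window_starts(start, end, window))
    if not starts:
        raise ValueError("study period is shorter than one window")
    hits = 0
    i = 0
    for ws in starts:
        we = ws + timedelta(days=window - 1)
        # Skip events that ended before this window opened.
        while i < len(dates) and dates[i] < ws:
            i += 1
        # The next remaining event is the earliest one on or after ws;
        # the window is a hit if it also falls on or before we.
        if i < len(dates) and dates[i] <= we:
            hits += 1
    return hits / len(starts)


def summarize(events, start, end, window=WINDOW_DAYS):
    """Per-weakness window probability for every weakness present in `events`."""
    weaknesses = sorted({w for w, _ in events})
    return {w: exploitation_probability(events, w, start, end, window) for w in weaknesses}


def constantly_exploited(probabilities):
    """Weaknesses exploited in every window of the study period (probability 1.0)."""
    return {w for w, p in probabilities.items() if p == 1.0}


if __name__ == "__main__":
    probs = summarize(SAMPLE_EVENTS, STUDY_START, STUDY_END)
    for w, p in probs.items():
        print(f"{w}: P(exploited in a 30-day window) = {p:.3f}")
    always = constantly_exploited(probs)
    share_not_constant = 1 - len(always) / len(probs)
    print(f"constantly exploited: {sorted(always)}; "
          f"share not constantly exploited: {share_not_constant:.0%}")
```

With the constructed data the study period holds 61 full 30-day windows; CWE-A has an event in every one of them and is the only weakness flagged as constantly exploited, while CWE-B and CWE-C appear in 30 and 22 windows respectively. On real feeds the same loop runs per CWE over the roughly three-year study period the summary describes.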