Kent Academic Repository

Analysis of the NIST database towards the composition of vulnerabilities in attack scenarios

Franqueira, Virginia N. L. and van Keulen, Maurice (2008) Analysis of the NIST database towards the composition of vulnerabilities in attack scenarios. Technical report. Centre for Telematics and Information Technology, University of Twente, Netherlands (KAR id:77544)


The composition of vulnerabilities in attack scenarios has been traditionally performed based on detailed pre- and post-conditions. Although very precise, this approach is dependent on human analysis, is time consuming, and not at all scalable. We investigate the NIST National Vulnerability Database (NVD) with three goals: (i) understand the associations among vulnerability attributes related to impact, exploitability, privilege, type of vulnerability and clues derived from plaintext descriptions, (ii) validate our initial composition model which is based on required access and resulting effect, and (iii) investigate the maturity of XML database technology for performing statistical analyses like this directly on the XML data. In this report, we analyse 27,273 vulnerability entries (CVE [1]) from the NVD. Using only nominal information, we are able to e.g. identify clusters in the class of vulnerabilities with no privilege which represent 52% of the entries.

Item Type: Reports and Papers (Technical report)
Uncontrolled keywords: Network vulnerabilities, attack scenarios, CVE, CVSS, XQuery, XML database
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Virginia Franqueira
Date Deposited: 17 Oct 2019 10:54 UTC
Last Modified: 16 Nov 2021 10:26 UTC

University of Kent Author Information

Franqueira, Virginia N. L.
