I-Corps: Data-Driven Risk Assessments for Software Vulnerabilities

I-Corps：数据驱动的软件漏洞风险评估

• 批准号: 2244900
• 负责人: Tudor Dumitras
• 金额: $ 5万
• 依托单位: University of Maryland, College Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-01-01 至 2023-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2244900&HistoricalAwards=false
• 关键词: Corps; Data; Driven; Risk; Assessments

The broader impact/commercial potential of this I-Corps project is the development of technology that addresses inefficiencies in the software update processes by complementing existing vulnerability assessment tools and allowing practitioners to update critical vulnerabilities faster in order to reduce the risk of attacks. The World Economic Forum ranks cyberattacks among the top 10 global risks of the decade. One of the main causes for these incidents are exploits against software vulnerabilities. A recent survey revealed that 27% of participating organizations were breached due to unpatched vulnerabilities. The impact of vulnerability exploits can often be seen through infamous ransomware campaigns which have affected several critical infrastructure sectors. Vulnerability exploits have shifted from being primarily a financial concern, to being a societal issue threatening the environment, national security, and even human life. As a result, removing software vulnerabilities as a target of cyber attackers is an urgent necessity. The government and industrial organizations can mitigate the risk of attacks by remediating vulnerabilities within their enterprise networks through software updates.This I-Corps project is based on the development of a technology that focuses on mitigating the impact of vulnerability exploits, which are one of the principal enablers of cyberattacks, and can be prevented through software updates. This project will provide novel tools to address the operational challenges involved in managing software updates by offering automatic, data-driven risk assessments for vulnerabilities. These tools use machine learning to learn historical associations between vulnerabilities and attacks. During deployment, the technology identifies newly disclosed vulnerabilities, collects publicly available information, and uses the machine learning models to compute various components related to the risk of exploits and attacks against these vulnerabilities.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

I-Corps项目更广泛的影响/商业潜力是通过补充现有漏洞评估工具来解决软件更新过程中的低效率问题的技术开发，并允许从业者更快地更新关键漏洞，以降低攻击风险。世界经济论坛（World Economic Forum）将网络攻击列为本十年全球十大风险之一。这些事件的主要原因之一是针对软件漏洞的攻击。最近的一项调查显示，27%的参与组织因未修补的漏洞而遭到入侵。漏洞利用的影响通常可以通过臭名昭著的勒索软件活动看到，这些活动已经影响了几个关键的基础设施部门。漏洞利用已经从主要的金融问题转变为威胁环境、国家安全甚至人类生命的社会问题。因此，消除作为网络攻击目标的软件漏洞是迫切需要的。政府和工业组织可以通过软件更新修复其企业网络中的漏洞来降低攻击风险。I-Corps项目的基础是开发一种技术，专注于减轻漏洞利用的影响，漏洞利用是网络攻击的主要促成因素之一，可以通过软件更新来防止。该项目将提供新颖的工具，通过提供自动的、数据驱动的漏洞风险评估，来解决涉及管理软件更新的操作挑战。这些工具使用机器学习来学习漏洞和攻击之间的历史关联。在部署期间，该技术识别新披露的漏洞，收集公开可用的信息，并使用机器学习模型计算与这些漏洞的利用和攻击风险相关的各种组件。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。