This library allows you to mine Common Vulnerabilities and Exposures (CVE) for the National Vulnerability Database (NVD) and using their Common Vulnerability Scoring Systems (CVSS), obtain Utilities for input to a game theoritic solver. We use this for generate efficitent strategies for web-appications that can automatically switch between the technology they use to host the service. This phenoomenon is known as Moving Target Defense (MTD). For understanding how Aritificial Intelligence (AI) can boost the security of such defense mechanisms, feel free to read our paper published in AAMAS'17.
To run the script, you can use these commands from the home directory:
cd src
./generate_game_data.sh 2014 2015
The year values 2014 and 2015 can be used to tell the code to mind data from a specific year to another specific year.
This repository used the data which was obtained from the NVD website and is updated on a regulare basis. To work on latest data, please download the latest data and place them in the nvd_data
file.
The Game Theoretic solver which can use the generated file BSSG_input.txt
can be found in the StackelbergEquilibribumSolvers repository.