Visualization and Analysis of the National Vulnerability Database
The National Vulnerability Database (NVD) is the U.S. government repository of standards based vulnerability management data represented using the The Security Content Automation Protocol (SCAP). NVD is continually updated.
We have developed a tool, NVDvis, that reads the latest version of the National Vulnerability Database. The user can choose Common Vulnerabilities and Exposures (CVE) 2.0 or CVE 1.2. The tool does an initial analysis that is displayed in the Data Analysis pane of the tool. It displays which CVE database was selected and how many entries there were. It provides the average vulnerability score as well as the distribution of the scores. It shows the number of elements, as well as the percentage for each value of the six attributes that make up the score, the part, Common Weakness Enumeration ID (CWE-ID), and distribution of date-time. The tool enables the user to:
- Filter the data in a variety of ways. NVDvis can filter on the vulnerability score as well as the six attributes that contribute to the score: Access vector, access complexity, authentication, confidentiality impact, integrity impact, and availability impact. It also provides access to Part (application, hardware, operating system), CWE-ID, date-time, and vendor. After each filtering operation, the Data Analysis pane is updated as well as the visualization.
- Parallel Coordinate plot the data. These plots are a way to visualize multidimensional data. They were invented by Alfred Inselberg, who has a tutorial online. Our visualization can be viewed both on the desktop as well as in our immersive environment.
- Output data in a variety of formats for further analysis:
- csv format (comma separated values) that is easily read by the R Statistical Package. R provides access to many analysis techniques as well as other visualization packages such as rggobi. This format is also read by many software packages.
- arff format that is read by the Weka open source data mining software. This format is also read by other machine learning software packages.
- Binary format that enables a user to pick up where he or she left off.
- Descriptions to enable text mining.
To see more images, see the Multimedia Page for this project.
Return to Visualization
Return to Visualization
NVDvis tool interface
Additional Project Information:
- Judith E. Terrill, Group Leader
- Kevin Rawlings
- John Hagedorn
- Styvens Belloge
- Terence Griffin
- Sandy Ressler
- David Waltermire
- Harold Booth
- Murugiah Souppaya
- Charles Wergin
- Christopher McCormick
- Karen Scarfone