Conferences related to Vulnerability

Back to Top

2023 Annual International Conference of the IEEE Engineering in Medicine & Biology Conference (EMBC)

The conference program will consist of plenary lectures, symposia, workshops and invitedsessions of the latest significant findings and developments in all the major fields of biomedical engineering.Submitted full papers will be peer reviewed. Accepted high quality papers will be presented in oral and poster sessions,will appear in the Conference Proceedings and will be indexed in PubMed/MEDLINE.


ICC 2021 - IEEE International Conference on Communications

IEEE ICC is one of the two flagship IEEE conferences in the field of communications; Montreal is to host this conference in 2021. Each annual IEEE ICC conference typically attracts approximately 1,500-2,000 attendees, and will present over 1,000 research works over its duration. As well as being an opportunity to share pioneering research ideas and developments, the conference is also an excellent networking and publicity event, giving the opportunity for businesses and clients to link together, and presenting the scope for companies to publicize themselves and their products among the leaders of communications industries from all over the world.


2020 IEEE Symposium on Security and Privacy (SP)

Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2021 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2019 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2018 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2017 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains.

  • 2016 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains.

  • 2015 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.Papers offer novel research contributions in any aspect of computer security or electronic privacy. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains.

  • 2014 IEEE Symposium on Security and Privacy (SP)

    IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners.

  • 2013 IEEE Symposium on Security and Privacy (SP) Conference dates subject to change

    IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners.

  • 2012 IEEE Symposium on Security and Privacy (SP) Conference dates subject to change

    IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners.

  • 2011 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2010 IEEE Symposium on Security and Privacy (SP)

    S&P is interested in all aspects of computer security and privacy.

  • 2009 IEEE Symposium on Security and Privacy (SP)

    The IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2008 IEEE Symposium on Security and Privacy (SP)

    Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

  • 2007 IEEE Symposium on Security and Privacy (SP)

    Research contributions in any aspect of computer security and electronic privacy including advances in the theory, design, implementation, analysis of empirical evaluation of secure systems.

  • 2006 IEEE Symposium on Security and Privacy (SP)

  • 2005 IEEE Symposium on Security and Privacy (SRSP)


2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE)

ICSE is the premier forum for researchers to present and discuss the most recent innovations,trends, outcomes, experiences, and challenges in the field of software engineering. The scopeis broad and includes all original and unpublished results of empirical, conceptual, experimental,and theoretical software engineering research.


GLOBECOM 2020 - 2020 IEEE Global Communications Conference

IEEE Global Communications Conference (GLOBECOM) is one of the IEEE Communications Society’s two flagship conferences dedicated to driving innovation in nearly every aspect of communications. Each year, more than 2,900 scientific researchers and their management submit proposals for program sessions to be held at the annual conference. After extensive peer review, the best of the proposals are selected for the conference program, which includes technical papers, tutorials, workshops and industry sessions designed specifically to advance technologies, systems and infrastructure that are continuing to reshape the world and provide all users with access to an unprecedented spectrum of high-speed, seamless and cost-effective global telecommunications services.


More Conferences

Periodicals related to Vulnerability

Back to Top

Aerospace and Electronic Systems Magazine, IEEE

The IEEE Aerospace and Electronic Systems Magazine publishes articles concerned with the various aspects of systems for space, air, ocean, or ground environments.


Automation Science and Engineering, IEEE Transactions on

The IEEE Transactions on Automation Sciences and Engineering (T-ASE) publishes fundamental papers on Automation, emphasizing scientific results that advance efficiency, quality, productivity, and reliability. T-ASE encourages interdisciplinary approaches from computer science, control systems, electrical engineering, mathematics, mechanical engineering, operations research, and other fields. We welcome results relevant to industries such as agriculture, biotechnology, healthcare, home automation, maintenance, manufacturing, pharmaceuticals, retail, ...


Communications Magazine, IEEE

IEEE Communications Magazine was the number three most-cited journal in telecommunications and the number eighteen cited journal in electrical and electronics engineering in 2004, according to the annual Journal Citation Report (2004 edition) published by the Institute for Scientific Information. Read more at http://www.ieee.org/products/citations.html. This magazine covers all areas of communications such as lightwave telecommunications, high-speed data communications, personal communications ...


Communications Surveys & Tutorials, IEEE

Each tutorial reviews currents communications topics in network management and computer and wireless communications. Available tutorials, which are 2.5 to 5 hours in length contains the original visuals and voice-over by the presenter. IEEE Communications Surveys & Tutorials features two distinct types of articles: original articles and reprints. The original articles are exclusively written for IEEE Communications Surveys & Tutorials ...


Communications, IEEE Transactions on

Telephone, telegraphy, facsimile, and point-to-point television, by electromagnetic propagation, including radio; wire; aerial, underground, coaxial, and submarine cables; waveguides, communication satellites, and lasers; in marine, aeronautical, space and fixed station services; repeaters, radio relaying, signal storage, and regeneration; telecommunication error detection and correction; multiplexing and carrier techniques; communication switching systems; data communications; and communication theory. In addition to the above, ...


More Periodicals

Most published Xplore authors for Vulnerability

Back to Top

Xplore Articles related to Vulnerability

Back to Top

Vulnerability Scrying Method for Software Vulnerability Discovery Prediction Without a Vulnerability Database

IEEE Transactions on Reliability, 2013

Predicting software vulnerability discovery trends can help improve secure deployment of software applications and facilitate backup provisioning, disaster recovery, diversity planning, and maintenance scheduling. Vulnerability discovery models (VDMs) have been studied in the literature as a means to capture the underlying stochastic process. Based on the VDMs, a few vulnerability prediction schemes have been proposed. Unfortunately, all these schemes suffer ...


Advance in research on groundwater vulnerability: A review

2011 International Conference on Multimedia Technology, 2011

Groundwater vulnerability research has great significance for water environment protection and sustainable groundwater resource utilization. In this review, the formation and development of "groundwater vulnerability" concept, including intrinsic vulnerability and specific vulnerability, were introduced. The recent advance in groundwater vulnerability studies were also summarized with an emphasis on the evaluation methods as well as their advantages and disadvantages. It is ...


Supporting automated vulnerability analysis using formalized vulnerability signatures

2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering, 2012

Adopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on applications' security. Hackers can easily exploit vulnerabilities in such publically accessible services. In addition to, 75% of the total reported application vulnerabilities are web ...


The Surface Water Vulnerability Assessment of Arid Pastoral Areas

2013 Third International Conference on Intelligent System Design and Engineering Applications, 2013

In recent years, human being's inappropriate development and utilization on water resources, together with the influence of climate change, Chinese arid pastoral areas has suffered serious threat to the sustainable utilization of water resources and ecological security. Under the current conditions, the grassland production development way of China's pastoral areas is mainly animal husbandry industry, and irrigation water is the ...


System Vulnerability Risk Evaluation using Connectivity Operator

2016 2nd IEEE International Conference on Computer and Communications (ICCC), 2016

In order to quantify the risk of security vulnerabilities, a vulnerability risk assessment methodology is proposed based on connectivity Operators, and vulnerability relationship is quantitatively analyzed on the use of the vulnerability attack graph. Two kinds of connectivity operator are proposed to calculate the connectivity between vulnerability, achieving a quantitative analysis of the vulnerability's self risk and spread risk. On ...


More Xplore Articles

Educational Resources on Vulnerability

Back to Top

IEEE-USA E-Books

  • Vulnerability Scrying Method for Software Vulnerability Discovery Prediction Without a Vulnerability Database

    Predicting software vulnerability discovery trends can help improve secure deployment of software applications and facilitate backup provisioning, disaster recovery, diversity planning, and maintenance scheduling. Vulnerability discovery models (VDMs) have been studied in the literature as a means to capture the underlying stochastic process. Based on the VDMs, a few vulnerability prediction schemes have been proposed. Unfortunately, all these schemes suffer from the same weaknesses: they require a large amount of historical vulnerability data from a database (hence they are not applicable to a newly released software application), their precision depends on the amount of training data, and they have significant amount of error in their estimates. In this work, we propose vulnerability scrying, a new paradigm for vulnerability discovery prediction based on code properties. Using compiler- based static analysis of a codebase, we extract code properties such as code complexity (cyclomatic complexity), and more importantly code quality (compliance with secure coding rules), from the source code of a software application. Then we propose a stochastic model which uses code properties as its parameters to predict vulnerability discovery. We have studied the impact of code properties on the vulnerability discovery trends by performing static analysis on the source code of four real-world software applications. We have used our scheme to predict vulnerability discovery in three other software applications. The results show that even though we use no historical data in our prediction, vulnerability scrying can predict vulnerability discovery with better precision and less divergence over time.

  • Advance in research on groundwater vulnerability: A review

    Groundwater vulnerability research has great significance for water environment protection and sustainable groundwater resource utilization. In this review, the formation and development of "groundwater vulnerability" concept, including intrinsic vulnerability and specific vulnerability, were introduced. The recent advance in groundwater vulnerability studies were also summarized with an emphasis on the evaluation methods as well as their advantages and disadvantages. It is important and urgent to set up new groundwater vulnerability models capable of evaluating both primary contamination resistance abilities of vadose zone and characteristics of pollutants relevant to their migration and transformation in aquifer. The credibility and uncertainty of groundwater vulnerability evaluation results has attracted more and more attentions of government agencies and researchers and is becoming a hot topic.

  • Supporting automated vulnerability analysis using formalized vulnerability signatures

    Adopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on applications' security. Hackers can easily exploit vulnerabilities in such publically accessible services. In addition to, 75% of the total reported application vulnerabilities are web application specific. Identifying such known vulnerabilities as well as newly discovered vulnerabilities is a key challenging security requirement. However, existing vulnerability analysis tools cover no more than 47% of the known vulnerabilities. We introduce a new solution that supports automated vulnerability analysis using formalized vulnerability signatures. Instead of depending on formal methods to locate vulnerability instances where analyzers have to be developed to locate specific vulnerabilities, our approach incorporates a formal vulnerability signature described using OCL. Using this formal signature, we perform program analysis of the target system to locate signature matches (i.e. signs of possible vulnerabilities). A newly-discovered vulnerability can be easily identified in a target program provided that a formal signature for it exists. We have developed a prototype static vulnerability analysis tool based on our formalized vulnerability signatures specification approach. We have validated our approach in capturing signatures of the OWSAP Top10 vulnerabilities and applied these signatures in analyzing a set of seven benchmark applications.

  • The Surface Water Vulnerability Assessment of Arid Pastoral Areas

    In recent years, human being's inappropriate development and utilization on water resources, together with the influence of climate change, Chinese arid pastoral areas has suffered serious threat to the sustainable utilization of water resources and ecological security. Under the current conditions, the grassland production development way of China's pastoral areas is mainly animal husbandry industry, and irrigation water is the most widespread water use habits. Therefore, taking the Damao County as a research area, which is a typical arid pastoral area in China, this paper summarize and define the surface water resources vulnerability attribute of pastoral area, and research the content of surface water resources vulnerability from the aspects of natural vulnerability, human vulnerability and carrying vulnerability. And then the corresponding surface water resources vulnerability assessment index system of arid pastoral areas can be set up, the results of the study show that the vulnerability performance of Damao County is obvious, from the view of vulnerability's spatial distribution, the northern and western areas are much more sensitive than other areas. What's more, the research results also can tell us that the vulnerability contribution of surface water resources on Damao County from high to low in turn is natural vulnerability, human vulnerability, carrying vulnerability.

  • System Vulnerability Risk Evaluation using Connectivity Operator

    In order to quantify the risk of security vulnerabilities, a vulnerability risk assessment methodology is proposed based on connectivity Operators, and vulnerability relationship is quantitatively analyzed on the use of the vulnerability attack graph. Two kinds of connectivity operator are proposed to calculate the connectivity between vulnerability, achieving a quantitative analysis of the vulnerability's self risk and spread risk. On this basis the risk assessment algorithm VREA-CO is raised, assessing the system overall risk. The vulnerability assessment results can help managers identify key vulnerabilities, and improve safety management efficiency. Example analysis shows that the method is feasible and effective.

  • The Research on a Patch Management System for Enterprise Vulnerability Update

    Because of virus and worms which make use of vulnerability of computer systems, computer software is getting in trouble increasingly. Although there are opportunities to defend these attacks at an earlier stage, people undergo several serious disturbances because many administrators and users didn't realize the essentiality of the patch management. The paper designs and implements a patch management system for vulnerability precaution protection which can efficiently repair vulnerabilities of computer systems in time. Developing a vulnerability management system needs two steps: constructing a vulnerability analysis database and implementing vulnerability management system (VMS) application software. The vulnerability analysis database is constructed based on CVE, Microsoft and others to report vulnerabilities in standard result forms by updating newest information, and is organized to be suitable to the distributed enterprise network. The VMS suggested in this paper can provide fast and more accurate vulnerability repair and proper guidelines to corresponding vulnerabilities.

  • PVDF: An automatic Patch-based Vulnerability Description and Fuzzing method

    Patch-based vulnerability analysis is a hot topic for security researchers and attackers, some important semantic can be used to discover new bugs or errors via information revealed from patch differences. However, automatic description for patched differences is always viewed as such a difficult task that similar work is usually achieve in manual method. In this paper, we present an automatic patch-based description for a type of privilege elevation vulnerability, and perform fuzzing test to excavate unknown bugs in further step. Focusing on feature in this type of vulnerability, we recognize vulnerability-related positions from patched differences, and divide them into multi-level attributes via normalized definitions. Furthermore, we present analysis procedure as relationship measurement among several attributes: binary difference, data structure of object, operation semantic and constraint formula. The root cause and exploitation method for vulnerability can be described on the leverage of gradual attribute deductions. At last, a CF- oriented fuzzing method is introduced based on verification of semantic and constraint formula. The effectiveness and performance of our prototype have been tested in evaluation, it proves that patch-related bugs all can be described in PVD (Patch-based Vulnerability Description) automatically, and some new bugs can be discovered in PVF (Patch-based Vulnerability Fuzzing). In addition, average time consumption of global running is less than systems or projects of related work.

  • Vulnerability Assessment of Power System Using Various Vulnerability Indices

    Vulnerability assessment in power systems is important so as to determine how vulnerable a power system in case of any unforeseen catastrophic events. To assess the level of system strength or weakness relative to the occurrence of an undesired event, a quantitative measure based on vulnerability index is often considered. The objective of this paper is to investigate and compare the performance of various vulnerability indices used for assessing the vulnerability of power systems when subjected to various contingencies. The vulnerability indices are based on anticipated loss of load as well as vulnerability information of individual system components such as real and reactive power generation, generation loss due to outage, bus voltage, loadability, transmission line real and reactive powers and line bus voltage angle difference. The vulnerability indices are compared so as to determine the effectiveness and accuracy of the indices in assessing the system vulnerability. In this study, power flow simulations were carried out on the IEEE 24 bus test system using the power system analysis and toolbox (PSAT) and the vulnerability indices were calculated using the MATLAB program.

  • On prioritization of vulnerability categories based on CVSS scores

    In view of increasing population of vulnerabilities, quantitative evaluation of vulnerabilities is necessary for efficient mitigation. Evaluation on classified vulnerability datasets can further improve the mitigation process. Objective of this paper is to develop security metrics to prioritize vulnerability categories based on CVSS scores to step ahead in this regard. In this context, security metrics are developed to reevaluate and unify vulnerability severity scores depending on availability of patches and age of vulnerability. Proposed metrics are applied on 5177 vulnerabilities extracted from NVD published in recent one year and vulnerability categories are prioritized and ranked based on cumulative severity scores.

  • Vulnerability evaluation of power system integrated with large-scale distributed generation based on complex network theory

    As the most wide-area industrial network, the power system can be modeled as a graph with edges and vertices, which represent the lines and buses of the power grid respectively. Further methodologies such as complex network theory may help in identifying the vulnerability of power grid, analyzing the contingency, preventing cascading blackouts and so on. When power system is integrated with distributed generation (DG), decentralized generation at distribution level replaces some of the centralized generation at transmission level. DG units are able to improve the reliability of the power system, shorten the electrical distance between the sources and loads, alleviate the long-distance large-capacity transmission, and increase the efficiency. This paper proposes several vulnerability indices, such as structural vulnerability index (SVI), contingency vulnerability index (CVI) and operational vulnerability index (OVI) to evaluate the impact of DG to power system vulnerability. The simulation in DIgSILENT/PowerFactory is conducted to assess the vulnerability of a 93-bus test power system, identify the vulnerable lines and buses, evaluate the improvement of the vulnerability index when the network is integrated with DG units, and may further to optimize the planning DG units in the future.



Standards related to Vulnerability

Back to Top

No standards are currently tagged "Vulnerability"


Jobs related to Vulnerability

Back to Top