ITLACMDScientific Applications  Visualization Group
Scientific Visualization
Attractive Image NIST
Up Visualization Parallel Computing Data Mining Released Software

Visualization and Analysis of the National Vulnerability Databases

The National Vulnerability Database (NVD) is the U.S. government repository of standards based vulnerability management data represented using the The Security Content Automation Protocol (SCAP). NVD is continually updated.

We have developed a tool, NVDvis, that reads the lastest version of the National Vulnerability Database. The user can choose CVE 2.0 or CVE 1.2. The tool does an initial analysis that is displayed in the Data Analysis pane of the tool. It says which CVE database was selected and how many entries there were. It provides the average vulnerabilty score as well as the distribution of the scores. It gives the number of elements as well as the percentage for each value of the six attributes that make up the score as well as the part and CWE-ID and distribution of date-time. The tool enables the user to:

  1. Filter the data in a variety of ways. NVDvis can filter on the vulnerability score as well as the six attributes that contribute to the score: Access vector, access complexity, authentication, confidentiality impact, integrity impact, and availability impact. It also provides access to Part (application, hardware, operating system), CWE-ID, date-time, and vendor. After each filtering operation, the Data Analysis pane is updated as well as the visualization.
  2. Parallel Coordinate plot the data. These plots are a way to visualize multidimensional data. They were invented by Alfred Inselberg, who has a tutorial online. Our visualization can be viewed both on the desktop as well as in our immersive environment.
  3. Output data in a variety of formats for further analysis:
    (bullet) csv format (comma separated values) that is easily read by the R Statistical Package. R provides access to many analysis techniques as well as other visualization packages such as rggobi.. This format is also read by many software packages.
    (bullet) arff format that is read by the Weka open source data mining software. This format is also read by other machine learning software packages
    (bullet) binary format that enables a user to pick up where they left off
    (bullet) descriptions to enable text mining

(bullet) Demonstrations and presentations of the tool at the 6th Annual IT Security Automation Conference, September 27th - 30th, 2010 Baltimore, MD

(bullet) Judith E. Terrill
(bullet) Kevin Rawlings
(bullet) Christopher Johnson
(bullet) David Waltermire
(bullet) Harold Booth
(bullet) John G. Hagedorn
(bullet) Murugiah Souppaya
(bullet) Charles Wergin
(bullet) Christopher McCormack
(bullet) Karen Scarfone
(bullet) Styvens Bellog
(bullet) Group Leader: Judith E. Terrill

Figure 1: NVDvis tool interface.
Figure 1: NVDvis tool interface.
Figure 2: Parallel Coordinate Plot produced by the NVDvis tool.
Figure 2: Parallel Coordinate Plot produced by the NVDvis tool.

Privacy Policy | Disclaimer | FOIA
NIST is an agency of the U.S. Commerce Department.
Date created: 2007-12-10, Last updated: 2011-01-12.