@kopolindo
@giorgiofox (original idea)
Alex Ely Kossovsky for the awesome statistical review of Chi-Square vs SSD on Benford distributions.
We are trying to understand whether security assessment results (the CVSS scores of the findings) are Benford-like.
If they are, Benford's law gives us a yardstick for judging security assessment outcomes. This only works on large samples (big big big numbers must be involved).
- Generating CVSS scores that follow the distribution published by CVE Details
- Normalizing them with an exponential function (CVSS scores span a single order of magnitude, 0.0 to 10.0, so their leading digits cannot follow Benford's law without such a stretch)
- Calculating the SSD (Sum of Squared Deviations) between the observed first-digit frequencies and the ones Benford's law predicts. Chi-square is not suited to Benford compliance testing: with large samples it rejects even tiny deviations, while SSD does not depend on the sample size, as explained by Alex Ely Kossovsky (:beer:)
- Iterating this process over and over, to collect more and more data
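The pipeline in the list above, as an added example written in Go (the project's language) for this page; it is not the project's own code. It draws a sample of CVSS scores from a constructed pool (not the CVE Details histogram), stretches them with exp(score) as a stand-in for the unstated exponential normalization, tallies the first significant digit of each value and computes Kossovsky's SSD against Benford's expected percentages. The bands in `compliance` are Kossovsky's published SSD thresholds and are only an assumption about what the tool reports as "compliancy" with -verbose; every function name and the score pool are hypothetical.

```go
package main

import (
	"math"
	"math/rand"
)

// Benford's first-digit law for digits 1..9, in percent: 100*log10(1+1/d).
func benfordExpected() [9]float64 {
	var p [9]float64
	for d := 1; d <= 9; d++ {
		p[d-1] = 100 * math.Log10(1+1/float64(d))
	}
	return p
}

// First significant digit of x (0.031 -> 3), or 0 if x has none (0, NaN, Inf).
func leadingDigit(x float64) int {
	if x = math.Abs(x); x == 0 || math.IsNaN(x) || math.IsInf(x, 0) {
		return 0
	}
	for x >= 10 {
		x /= 10
	}
	for x < 1 {
		x *= 10
	}
	return int(x)
}

// Observed percentage of each leading digit 1..9; values with no digit are skipped.
func digitPercentages(values []float64) [9]float64 {
	var counts [9]int
	n := 0
	for _, v := range values {
		if d := leadingDigit(v); d != 0 {
			counts[d-1]++
			n++
		}
	}
	var pct [9]float64
	scale := 100 / math.Max(float64(n), 1) // n == 0 leaves every pct at 0
	for i, c := range counts {
		pct[i] = float64(c) * scale
	}
	return pct
}

// Kossovsky's SSD: squared gaps between observed and Benford percentages,
// summed over the nine digits. Unlike chi-square it does not grow with n.
func ssd(observed [9]float64) float64 {
	expected, total := benfordExpected(), 0.0
	for i, o := range observed {
		total += (o - expected[i]) * (o - expected[i])
	}
	return total
}

// Kossovsky's compliance bands for SSD. Assumption: this is the kind of
// "compliancy" the tool prints with -verbose; the README gives no thresholds.
func compliance(s float64) string {
	switch {
	case s < 2:
		return "perfectly Benford"
	case s < 25:
		return "acceptably close to Benford"
	case s < 100:
		return "marginally Benford"
	}
	return "non-Benford"
}

// Constructed score pool (repeats encode frequency); not the CVE Details data.
var cvssScores = []float64{
	2.1, 4.3, 4.3, 5.0, 5.0, 5.0, 6.5, 7.2, 7.5, 7.5, 7.5, 7.5, 7.8, 8.8, 9.8, 9.8, 10.0,
}

// Draw n scores from the pool with a seeded generator (reproducible runs).
func sampleCVSS(n int, seed int64) []float64 {
	r := rand.New(rand.NewSource(seed))
	out := make([]float64, n)
	for i := range out {
		out[i] = cvssScores[r.Intn(len(cvssScores))]
	}
	return out
}

// One tool iteration: sample, stretch with the "exponential function" step
// (exp(score) is an assumed stand-in for the project's formula; CVSS spans a
// single order of magnitude, 0..10, so unstretched leading digits cannot be
// Benford), tally leading digits, score the SSD.
func runOnce(sample int, seed int64) float64 {
	scores := sampleCVSS(sample, seed)
	for i, s := range scores {
		scores[i] = math.Exp(s)
	}
	return ssd(digitPercentages(scores))
}
```

Because SSD sums squared percentage-point gaps, it stays on the same scale whether the sample holds 1,000 or 20,000 scores, which is what makes the min/max/average SSD comparable across the -min-sample to -max-sample range; a chi-square statistic on the same counts grows with the sample and rejects Benford for any small deviation once the sample is large enough.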
True, false, blah, not important, hackers gonna hack, just "fun'n'profit" ;)
Choice: go
Why: concurrency
Result: go...home Alex... :(
$ make race
It creates a benford executable in the same src folder, built with the Go race detector enabled.
Limitation: the race detector caps the number of simultaneously alive goroutines (8128 in the Go runtime), so this build cannot handle large samples.
$ make build
It creates a benford executable in the same src folder.
$ make install
It creates a benford executable in $GOPATH/bin/
$ make uninstall
Removes the benford executable installed by make install.
$ ./benford -h
Usage of ./benford:
-chart
Create a scattered chart in output folder
-csv string
CSV Output filename
-human
Human readable vs CSV readable
-iterations int
Number of iterations (default 1)
-max-sample int
Finish with this sample size (default -1)
-min-sample int
Start from this sample size (default -1)
-sample int
Size of the sample to be generated
-verbose
Verbose, print compliancy
-version
Print version
-iterations
(int) number of runs of the program per sample size (default: 1); each run returns one SSD
-sample
(int) number of vulnerabilities among which the scores are distributed, i.e. the sample size
-min-sample
lower bound of the sample size when ranging over multiple sample sizes; mutually exclusive with -sample
-max-sample
upper bound of the sample size when ranging over multiple sample sizes; mutually exclusive with -sample
-verbose
also print additional messages (e.g., the compliance band of the computed SSD)
-version
print the version and build of the program
-chart
generate chart(s) in the output folder
-human
print in human-readable format instead of CSV
-csv
write the results to the output folder under the given file name
Run 200 iterations for every sample size (each iteration returns one SSD)
Sample sizes ranging from 10000 (vulnerability scores) to 20000 (vulnerability scores)
Output:
- one CSV file with one row per sample size: sample, min, max, average, devstd (of that sample size's 200 SSDs)
- one line chart plotting min, max and average (three series on the Y axis) versus sample size (X axis)
$ ./benford -min-sample 10000 -max-sample 20000 -iterations 200 -chart -csv test.csv
Samples 0% | | (78/10001) [1m9s:2h27m11s]
Output (rows are written in completion order, not sorted by sample size):
$ ls output
'SSDs result distribution vs samples_line.html' test.csv
$ head output/test.csv
sample,min,max,average,devstd
10002,52.43,79.79,65.85,4.51
10006,54.42,75.33,65.21,4.11
10003,55.12,77.19,65.32,4.32
10004,57.28,79.51,65.82,4.26
10001,55.52,75.95,65.55,4.18
10005,51.90,78.48,65.46,4.12
10034,52.73,77.86,65.70,4.67
10007,53.30,76.37,65.46,4.63
10008,50.76,75.98,65.41,4.30