Zero-Day Vulnerabilities, Cartography, and Quantification Initiative
DOI:
https://doi.org/10.34190/eccws.25.1.4570
Keywords:
Vulnerability, zero-day attacks, Knowledge Graph
Abstract
Zero-day vulnerabilities have become a critical concern across security teams. Despite their growing frequency, they remain a largely uncharted domain: there is currently no consolidated information, statistical visibility, or cartography describing the true scale of the problem. Organisations lack metrics that would enable them to understand how zero-days are distributed among products or technological ecosystems, limiting their ability to anticipate, detect, and accurately assess the risks associated with these vulnerabilities. In the absence of a structural understanding of the phenomenon, organisations rely on linear, product-centred approaches inherited from traditional vulnerability management and built around indicators such as CVE identifiers, CVSS scores, or patch availability. Although these indicators are essential, they do not capture the multidimensional relationships and ecosystem-level dependencies that shape zero-day behaviour. Consequently, analyses remain confined to individual vulnerabilities rather than the structures that connect them, leaving organisations without models capable of describing how zero-days emerge, cluster, or propagate across technologies. To address this gap, this work begins with an in-depth a posteriori phase aimed at establishing the first consolidated inventory of past zero-days. This fundamental effort is intended to establish an initial structural basis that will enable further long-term research into the systemic characteristics of zero-day vulnerabilities. Afterwards, this study seeks to reveal “domino effects”, clusters of technological weakness, and cross-product propagation paths that remain invisible in traditional analytical frameworks. The goal is to provide a new visualisation to support not only future predictive models and improved detection strategies, but also more informed and contextualised risk assessments. 
By moving beyond linear scoring systems and embracing a structural, graph-driven perspective, this work lays the groundwork for a more proactive, comprehensive understanding of zero-day vulnerabilities and the technological ecosystems they inhabit.
Published
2026-06-15
Issue
Section
PhD Papers
License
Copyright (c) 2026 European Conference on Cyber Warfare and Security

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.