Similar resources
A metric for software vulnerabilities classification
Vulnerability discovery and exploits detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable computer programs. First a feature set has been defined and later two models have been tested against real world vulnerabilities. A relation between the classif...
Software Vulnerabilities: Open Source versus Proprietary Software Security
This study seeks to empirically investigate specific security characteristics of both open source software and proprietary software. Operating system software vulnerability data spanning several years are collected and analyzed to determine if significant differences exist in terms of inter-arrival times of published vulnerabilities and patch releases. Open source software is only marginally qu...
Software Security Vulnerabilities Seen As Feature Interactions
The security of software applications is an important domain, and one that mixes formalisms (e.g. when dealing with cryptography and security protocols) with very ad hoc, low level practical solutions. In this paper, we look at a subset of the “security” field: the production of secure, general purpose software from a software engineering viewpoint. We call this simply “software security”. We s...
Market for Software Vulnerabilities? Think Again
Software vulnerability disclosure has become a critical area of concern for policy-makers. Traditionally, Computer Emergency Response Team (CERT) acts as an infomediary between benign identifiers (who voluntarily report vulnerability information) and software users. After verifying a reported vulnerability, CERT sends out a public “advisory” so that users can safeguard their systems against pot...
A Taxonomy of Causes of Software Vulnerabilities in Internet Software
At the root of almost every security incident on the Internet are one or more software vulnerabilities, i.e. security-related bugs in the software that can be exploited by an attacker to perform actions he should not be able to perform. Analysis of vulnerability alerts as distributed by organisations like CERT([CER]) or SANS([SAN]), and analysis of causes of actual incidents shows that many vul...
Journal
Journal title: SHS Web of Conferences
Year: 2017
ISSN: 2261-2424
DOI: 10.1051/shsconf/20173501059