An Empirical Methodology to Evaluate Vulnerability Discovery Models
Similar resources
An Idea of an Independent Validation of Vulnerability Discovery Models
Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit. In this work we describe an independent validation of the applicability of these models to the vulnerabilities of the popular browsers Firefox, Google Chrome and Internet Exp...
A Systematically Empirical Evaluation of Vulnerability Discovery Models: a Study on Browsers' Vulnerabilities
A precise vulnerability discovery model (VDM) will provide a useful insight to assess software security, and could be a good prediction instrument for both software vendors and users to understand security trends and plan ahead patching schedule accordingly. Thus far, several models have been proposed and validated. Yet, no systematically independent validation by somebody other than the author...
An empirical investigation into supply chain vulnerability
A growing number of academicians and practitioners have put supply chain risks on their agendas, particularly triggered by a recent series of catastrophic events that have disrupted economies and supply chains around the globe. Given the increasing awareness of this important topic, the purpose of this research was to study supply chain risks in more detail and to investigate the relationship b...
An Independent Validation of Vulnerability Discovery
Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit. In this work we describe an independent validation of the applicability of six existing VDMs in seventeen releases of the three popular browsers Firefox, Google Chrome and In...
Journal
Journal title: IEEE Transactions on Software Engineering
Year: 2014
ISSN: 0098-5589,1939-3520,2326-3881
DOI: 10.1109/tse.2014.2354037