An Analysis of the Vulnerability Discovery Process in Web Browsers

نویسندگان

  • Sung-Whan Woo
  • Omar H. Alhazmi
  • Yashwant K. Malaiya
چکیده

New vulnerabilities discovered in a web browser put millions of users at risk, requiring urgent attention from developers to address these vulnerabilities. This paper presents a quantitative characterization of browser vulnerabilities which can be used to project the number of vulnerabilities to plan, test and development resources more efficiently. Vulnerability discovery data for the three major browsers, Internet Explore, Firefox and Mozilla, are examined and fitted to a vulnerability discovery model, and the goodness of fit is statistically examined. The results show that the datasets fit the model well, suggesting that this model can be used for making future projections. When the vulnerabilities are partitioned into categories based on their type, the data of individual categories also fit the model separately. When the vulnerabilities are partitioned into three severity levels, the model is found to be applicable to vulnerabilities with high and low severities. It is observed that the popularity of a browser itself leads to a higher discovery rate.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Automatic Discovery of Technology Networks for Industrial-Scale R&D IT Projects via Data Mining

Industrial-Scale R&D IT Projects depend on many sub-technologies which need to be understood and have their risks analysed before the project can begin for their success. When planning such an industrial-scale project, the list of technologies and the associations of these technologies with each other is often complex and form a network. Discovery of this network of technologies is time consumi...

متن کامل

Designing a System for Trend Analysis of Users in Website Surfing in Iran Using Data Mining and Text Mining Algorithms

Background and Aim: As of the entrance of web surfing to the lifestyle of a vast majority of people in the society and the need for a more accurate social and cultural policy making in the field, authors intended to analyze the behavior of the society users in viewing different websites so as to help politicians and practitioners. Methods: Design science research method is used in this research...

متن کامل

Prioritize the ordering of URL queue in Focused crawler

The enormous growth of the World Wide Web in recent years has made it necessary to perform resource discovery efficiently. For a crawler it is not an simple task to download the domain specific web pages. This unfocused approach often shows undesired results. Therefore, several new ideas have been proposed, among them a key technique is focused crawling which is able to crawl particular topical...

متن کامل

Expert Discovery: A web mining approach

Expert discovery is a quest in search of finding an answer to a question: “Who is the best expert of a specific subject in a particular domain within peculiar array of parameters?” Expert with domain knowledge in any field is crucial for consulting in industry, academia and scientific community. Aim of this study is to address the issues for expert-finding task in real-world community. Collabor...

متن کامل

Thesis an Analysis of Vulnerabilities in Web Servers and Browser Using Time-base and Effort-based Models

OF THESIS AN ANALYSIS OF VULNERABILITIES IN WEB SERVERS AND BROWSER USING TIME-BASE AND EFFORT-BASED MODELS With the rapid in rease in the number of vulnerabilities dis overed in major software systems, se urity in omputing and internet-based transa tions is greatly threatened. These vulnerabilities an be exploited to damage a omputer system's se urity attributes on dentiality, integrity and av...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006