A metric for software vulnerabilities classification
Author
Abstract
Vulnerability discovery and exploit detection are two wide areas of study in software engineering. This preliminary work tries to combine existing methods with machine learning techniques to define a metric classification of vulnerable computer programs. First a feature set has been defined, and later two models have been tested against real-world vulnerabilities. A relation between the classifier choice and the features has also been outlined.
Similar resources
A Vulnerability Metric for the Design Phase of Object Oriented Software
Unlike quality, quantitative estimation of security at the design phase of object oriented software is largely missing. The work examines that coupling is one of the object oriented design characteristics responsible for propagation of vulnerabilities in the design of software. A metric is proposed to determine whether the design of one version of a software system is more vulnerable than another wi...
Security Metrics for Software System
Security metrics for software systems provide quantitative measurement for the degree of trustworthiness for software systems. This paper proposes a new approach to define software security metrics based on vulnerabilities included in the software systems and their impacts on software quality. We use the Common Vulnerabilities and Exposures (CVE), an industry standard for vulnerability and expo...
k-Zero Day Safety: A Network Security Metric for
By enabling a direct comparison of different security solutions with respect to their relative effectiveness, a network security metric may provide quantifiable evidences to assist security practitioners in securing computer networks. However, research on security metrics has been hindered by difficulties in handling zero day attacks exploiting unknown vulnerabilities. In fact, the security ris...
Predicting Unknown Vulnerabilities using Software Metrics and Maturity Models
We face an increasing reliance on software-based services, applications, platforms, and infrastructures to accomplish daily activities. It is possible to introduce vulnerabilities during any software life cycle and these vulnerabilities could lead to security attacks. It is known that as the software complexity increases, discovering a new security vulnerability introduced by subsequent updates...
Exploring the Relationship Between Architecture Coupling and Software Vulnerabilities
Employing software metrics, such as size and complexity, for predicting defects has been given a lot of attention over the years and proven very useful. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity), as ...
Journal title:
- CoRR
Volume abs/1212.3669
Pages -
Publication date 2012