Sciweavers

ICST
2010
IEEE

Searching for a Needle in a Haystack: Predicting Security Vulnerabilities for Windows Vista

Many factors are believed to increase the vulnerability of software systems; for example, the more widely deployed or popular a software system is, the more likely it is to be attacked. Early identification of defects has been a widely investigated topic in software engineering research. Early identification of software vulnerabilities can help mitigate these attacks to a large degree by focusing better security verification efforts on these components. Predicting vulnerabilities is complicated by the fact that vulnerabilities are, most often, few in number and introduce significant bias by creating a sparse dataset in the population. As a result, vulnerability prediction can be thought of as proverbially “searching for a needle in a haystack.” In this paper, we present a large-scale empirical study on Windows Vista, where we empirically evaluate the efficacy of classical metrics like complexity, churn, coverage, dependency measures, and organizational structure of the company to p...
Thomas Zimmermann, Nachiappan Nagappan, Laurie A.
Added 26 Jan 2011
Updated 26 Jan 2011
Type Journal
Year 2010
Where ICST
Authors Thomas Zimmermann, Nachiappan Nagappan, Laurie A. Williams