Sciweavers

Share
ICC
2007
IEEE
111views Communications» more  ICC 2007»
9 years 3 months ago
SecureRank: A Risk-Based Vulnerability Management Scheme for Computing Infrastructures
— In this paper, we introduce a new scheme called SecureRank for prioritizing vulnerabilities to patch in computing systems/networks. This has become a key issue for IT infrastru...
Reiko Ann Miura-Ko, Nicholas Bambos
SCAM
2008
IEEE
9 years 3 months ago
Automated Detection of Code Vulnerabilities Based on Program Analysis and Model Checking
Ensuring the correctness and reliability of software systems is one of the main problems in software development. Model checking, a static analysis method, is preponderant in impr...
Lei Wang, Qiang Zhang, PengChao Zhao
ER
2009
Springer
166views Database» more  ER 2009»
9 years 3 months ago
A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations
Abstract. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. This paper proposes a vulnerability-cent...
Golnaz Elahi, Eric S. K. Yu, Nicola Zannone
ICST
2009
IEEE
9 years 3 months ago
Predicting Attack-prone Components
GEGICK, MICHAEL CHARLES. Predicting Attack-prone Components with Source Code Static Analyzers. (Under the direction of Laurie Williams). No single vulnerability detection techniqu...
Michael Gegick, Pete Rotella, Laurie A. Williams
HICSS
2009
IEEE
122views Biometrics» more  HICSS 2009»
9 years 4 months ago
Empirical Estimates and Observations of 0Day Vulnerabilities
We define a 0Day vulnerability to be any vulnerability, in deployed software, that has been discovered by at least one person but has not yet been publicly announced or patched. T...
Miles A. McQueen, Trevor A. McQueen, Wayne F. Boye...
books