scholarly journals Vulnerability Discovery in Multi-Version Software Systems

2007 ◽  
Author(s):  
Jinyoo Kim ◽  
Yashwant K. Malaiya ◽  
Indrakshi Ray
Keyword(s):  
Software Systems ◽  
Vulnerability Discovery

scholarly journals An updated analysis of seasonal variations of the security vulnerability discovery process

2020 ◽  
Vol 12 (2) ◽  
pp. 122-133
Author(s):  
Ariane Santos Borges ◽  
Paulo H. R. Gabriel ◽  
Rodrigo Sanches Miani
Keyword(s):  
Operating Systems ◽  
Seasonal Variations ◽  
Replication Study ◽  
Software Systems ◽  
Discovery Process ◽  
Security Vulnerability ◽  
Vulnerability Discovery ◽  
Discovery Rates

Several factors may influence the security vulnerability discovery rates. The projection of these rates might help the development and the prioritization of software patches. Previous work studied the seasonal behaviors of the vulnerability discovery process for several operating systems and web related software systems. We propose a replication study of an experiment conducted more than a decade ago to understand the changes in the dynamics of the security vulnerability discovery rates. In contrast to the findings from ten years ago, the investigated systems do not exhibit a year-end peak. Besides, the higher incidence during mid-year months for Microsoft operating systems was only noticed for the most recent Windows OSes: Windows 8.1 and Windows 10. These results highlight the importance of reproducibility in scientific works. In the area of cybersecurity, in particular, it is important that models are created from studies conducted using updated data.

Pattern-based methods for vulnerability discovery

2017 ◽  
Vol 59 (2) ◽  
Author(s):  
Fabian Yamaguchi
Keyword(s):  
Domain Knowledge ◽  
Graph Mining ◽  
Software Systems ◽  
Exact Methods ◽  
Software Projects ◽  
Software Analysis ◽  
Novel Approach ◽  
Vulnerability Discovery ◽  
Automated Software ◽  
Present Pattern

AbstractDiscovering and eliminating critical vulnerabilities in program code is a key requirement for the secure operation of software systems. This task rests primarily on the shoulders of experienced code analysts who inspect programs in-depth to identify weaknesses. As software systems grow in complexity, while the amount of security critical code increases, supplying these analysts with effective methods to assist in their work becomes even more crucial. Unfortunately, exact methods for automated software analysis are rarely of help in practice, as they do not scale to the complexity of contemporary software projects, and are not designed to benefit from the analyst's domain knowledge. To address this problem, we present pattern-based vulnerability discovery, a novel approach of devising assistant methods for vulnerability discovery that are build with a high focus on practical requirements. The approach combines techniques of static analysis, machine learning, and graph mining to lend imprecise but highly effective methods that allow analysts to benefit from the machine's pattern recognition abilities without sacrificing the strengths of manual analysis.

scholarly journals Software Risk Assessment for Windows Operating Systems with respect to CVSS

2019 ◽  
Vol 4 (11) ◽  
pp. 41-45
Author(s):  
HyunChul Joh
Keyword(s):  
Operating Systems ◽  
Scientific Investigation ◽  
Risk Assessments ◽  
Software Systems ◽  
Web Browsers ◽  
Software Vulnerabilities ◽  
Vulnerability Discovery ◽  
Quantitative Examination ◽  
Software Risk ◽  
The Given

CVSS is recognized as a de facto standard for categorizing and measuring software vulnerabilities in both how easy for exploitation for the given security bug and how much impact on a system having the vulnerability in a sense of the three security factors. Meanwhile, since the early 2000s, quantitative risk assessments of software systems had been able to be examined thanks to the accumulated enough datasets for a scientific investigation. However, there are still a lot of research attempts not to be taken in a quantitative examination of software risk assessments. In this paper, we are quantitatively analyzing CVSS scores in vulnerabilities from the three most recent Windows products, namely, Windows 7, Windows 8.1 and Windows 10. The result shows that AML vulnerability discovery model represents Windows vulnerability discovery trend reasonably. Furthermore, we found explicitly that, most of the time, security bugs are compromised with no authentication required systems. This result is corresponding with the output from the previous research based on Web browsers.

Methods of parallel computing for multilevel fuzzy Takagi – Sugeno systems

2016 ◽  
pp. 141-149
Author(s):  
S.V. Yershov ◽  
◽  
R.М. Ponomarenko ◽  
Keyword(s):  
Dynamic Models ◽  
Fuzzy Inference ◽  
Knowledge Bases ◽  
Comparative Characteristic ◽  
Software Systems ◽  
Scientific Papers ◽  
Speed Up ◽  
Diagnostic Software ◽  
Takagi Sugeno

Parallel tiered and dynamic models of the fuzzy inference in expert-diagnostic software systems are considered, which knowledge bases are based on fuzzy rules. Tiered parallel and dynamic fuzzy inference procedures are developed that allow speed up of computations in the software system for evaluating the quality of scientific papers. Evaluations of the effectiveness of parallel tiered and dynamic schemes of computations are constructed with complex dependency graph between blocks of fuzzy Takagi – Sugeno rules. Comparative characteristic of the efficacy of parallel-stacked and dynamic models is carried out.

A Literature Review Study of Software Defect Prediction using Machine Learning Techniques

2018 ◽  
Vol 6 (6) ◽  
pp. 300 ◽  
Author(s):  
Feidu Akmel ◽  
Ermiyas Birihanu ◽  
Bahir Siraj
Keyword(s):  
Machine Learning ◽  
Software Metrics ◽  
Quality Standard ◽  
Machine Learning Techniques ◽  
Software Systems ◽  
Health Care Insurance ◽  
Software Defect ◽  
Learning Techniques ◽  
Software Product

Software systems are any software product or applications that support business domains such as Manufacturing,Aviation, Health care, insurance and so on.Software quality is a means of measuring how software is designed and how well the software conforms to that design. Some of the variables that we are looking for software quality are Correctness, Product quality, Scalability, Completeness and Absence of bugs, However the quality standard that was used from one organization is different from other for this reason it is better to apply the software metrics to measure the quality of software. Attributes that we gathered from source code through software metrics can be an input for software defect predictor. Software defect are an error that are introduced by software developer and stakeholders. Finally, in this study we discovered the application of machine learning on software defect that we gathered from the previous research works.

ANALYZING AND IMPROVING WEB APPLICATION QUALITY USING DESIGN PATTERNS

2012 ◽  
Vol 2 (2) ◽  
pp. 112-116
Author(s):  
Shikha Bhatia ◽  
Mr. Harshpreet Singh
Keyword(s):  
Web Application ◽  
Design Pattern ◽  
Design Patterns ◽  
Web Applications ◽  
Past Research ◽  
Software Systems ◽  
Interactive Software ◽  
Web Based ◽  
Software Application ◽  
Execution Speed

With the mounting demand of web applications, a number of issues allied to its quality have came in existence. In the meadow of web applications, it is very thorny to develop high quality web applications. A design pattern is a general repeatable solution to a generally stirring problem in software design. It should be noted that design pattern is not a finished product that can be directly transformed into source code. Rather design pattern is a depiction or template that describes how to find solution of a problem that can be used in many different situations. Past research has shown that design patterns greatly improved the execution speed of a software application. Design pattern are classified as creational design patterns, structural design pattern, behavioral design pattern, etc. MVC design pattern is very productive for architecting interactive software systems and web applications. This design pattern is partition-independent, because it is expressed in terms of an interactive application running in a single address space. We will design and analyze an algorithm by using MVC approach to improve the performance of web based application. The objective of our study will be to reduce one of the major object oriented features i.e. coupling between model and view segments of web based application. The implementation for the same will be done in by using .NET framework.

Sign in / Sign up

Export Citation Format

Share Document