Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Prioritizing Vulnerabilities using ANP and Evaluating their Optimal Discovery and Patch Release Time
Amity Institute of Information Technology, Amity University.
Amity Center for Interdisciplinary Research, Amity University.
Luleå University of Technology, Department of Civil, Environmental and Natural Resources Engineering, Operation, Maintenance and Acoustics.
Amity Institute of Information Technology, Amity University.
2019 (English)In: International Journal of Mathematics in Operational Research (IJMOR), ISSN 1757-5850, E-ISSN 1757-5869, Vol. 14, no 2, p. 236-267Article in journal (Refereed) Published
Abstract [en]

Method for filtering and identifying a vulnerability class that has high probability of occurrence is needed by organisations to patch their software in a timely manner. In this paper, our first step is to filter the most frequently observed vulnerability type/class through a multi-criteria decision making that involves dependency among various criteria and feedback from various alternatives, known as analytic network process. We will also formulate a cost model to provide a solution to the developers facing high revenue debt because of the occurrence of highly exploited vulnerabilities belonging to the filtered group. The main aim of formulating the cost model is to evaluate the optimal discovery and patch release time such that the total developer's cost could be minimised subject to risk constraints. To illustrate the proposed approach, reported vulnerabilities of Google Chrome with high exploitability have been examined at its source level.

Place, publisher, year, edition, pages
InderScience Publishers, 2019. Vol. 14, no 2, p. 236-267
National Category
Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
URN: urn:nbn:se:ltu:diva-66589DOI: 10.1504/IJMOR.2019.097758Scopus ID: 2-s2.0-85061331859OAI: oai:DiVA.org:ltu-66589DiVA, id: diva2:1157134
Note

Validerad;2019;Nivå 1;2019-03-01 (johcin) 

Available from: 2017-11-15 Created: 2017-11-15 Last updated: 2019-03-01Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records BETA

Kumar, Uday

Search in DiVA

By author/editor
Kumar, Uday
By organisation
Operation, Maintenance and Acoustics
In the same journal
International Journal of Mathematics in Operational Research (IJMOR)
Other Civil Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 72 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf