Effort and coverage dependent vulnerability discovery modeling
2018 (English)Conference paper, Published paper (Refereed)
Abstract [en]
In this paper, our primary focus is to propose a generalized mathematical model that can discover potential vulnerabilities on the basis of two key factors: operational effort rate and operational coverage rate. Here, the term operational effort rate refers to the proportion of manpower required to discover vulnerabilities. The operational coverage rate refers to the proportion of software covered by the effort in discovering vulnerabilities. It is assumed that the proposed model follows the Non-Homogeneous Poisson process properties thus different distribution are used to formulate multiple cases. To evaluate the operational effort function, exponential and Weibull distribution are used considering coverage rate either to be a constant or logistic. For model validation, a case study of real commercial software data set has been used
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2018. p. 329-334
Keywords [en]
Vulnerability, Vulnerability discovery model, Operational effort, Vulnerability reporter, Operational coverage rate, Coverage function
National Category
Other Civil Engineering
Research subject
Operation and Maintenance
Identifiers
URN: urn:nbn:se:ltu:diva-70272DOI: 10.1109/TEL-NET.2017.8343550ISI: 000443538200058Scopus ID: 2-s2.0-85049065956ISBN: 9781509067107 (electronic)OAI: oai:DiVA.org:ltu-70272DiVA, id: diva2:1237321
Conference
2nd International Conference on Telecommunication and Networks, TEL-NET 2017, Amity University, Noida, India, 10-17 August 2017
2018-08-082018-08-082021-10-15Bibliographically approved