Software vulnerability analysis and discovery using machine. Factor analysis of information risk fair defines vulnerability as. Note that the text may not contain all macros that bibtex supports. These software failures, commonly referred to as computer vulnerabilities. Victor krsul treating the subject software vulnerability analysis krs98 that he issued at. Krsul i software development in antagonistic and dynamic operational environments proceedings of the 3rd symposium on requirements engineering for information security, 114 jonsson e, stromberg l and lindskog s on the functional relation between security and dependability impairments proceedings of the 1999 workshop on new security. Software vulnerability analysis by ivan victor krsul purdue epubs. Due to their potential high severity impacts, many different. They can cause the loss of information and reduce the value or usefulness of the system. This analysis may be performed by applying statistical analysis and knowledge discovery tools. These status reports should show all interactions with other software. A machineoriented integrated vulnerability database for. Download citation software vulnerability analysis the consequences of a class of system failures, commonly known as software vulnerabilities, violate.
The idea of software vulnerability stems from the fact that the development and. Computer vulnerability analysis thesis proposal 1 introduction. A decade later, in 1998, krsul krsul, 1998 defined the software vulnerability in. Security vulnerability likelihood department of computer science. This is a technique for assessing the vulnerability of a software code. The consequences of a class of system failures, commonly known as software vulnerabilities, violate security policies. Thesis, purdue university, coast technical report 9809, 1998. Experimental analysis of software vulnerabilities 6. Software vulnerability analysis by ivan victor krsul. Computer security professionals and researchers do not have a history of.
The results are listed in the vulnerability assessment report, which focuses on providing enterprises with a list of. Software security vulnerabilities are one of the critical issues in the realm of computer security. The most damaging software vulnerabilities of 2017, so far. In this dissertation, quantitative analysis is presented dealing with i modeling vulnerability. There are a range of potential methodologies that could be used to undertake a vulnerability assessment. A vulnerability assessment uses automated network security scanning tools. In computer security, a vulnerability is a weakness which can be exploited by a threat actor. An analysis of some software vulnerabilities nist csrc. What is a vulnerability assessment vulnerability analysis. A wide variety of software vulnerabilities across consumer and enterprise technology were discovered in 2017. To refer to this entry, you may select and copy the text below and paste it into your bibtex document. A priori classifications of software vulnerabilities 7.
1063 926 517 639 903 919 1281 822 160 817 1275 134 830 493 751 1613 416 610 940 829 186 233 600 623 154 866 60 873 1394 742 874 908 70 1291 613