TY - GEN
T1 - An idea of an independent validation of vulnerability discovery models
AU - Nguyen, V.H.
AU - Massacci, F.
PY - 2012
Y1 - 2012
N2 - Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit. In this work we describe an independent validation of the applicability of these models to the vulnerabilities of the popular browsers Firefox, Google Chrome and Internet Explorer. The result shows that some VMDs do not simply fit the data, while for others there are both positive and negative evidences. © 2012 Springer-Verlag.
AB - Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit. In this work we describe an independent validation of the applicability of these models to the vulnerabilities of the popular browsers Firefox, Google Chrome and Internet Explorer. The result shows that some VMDs do not simply fit the data, while for others there are both positive and negative evidences. © 2012 Springer-Verlag.
U2 - 10.1007/978-3-642-28166-2_9
DO - 10.1007/978-3-642-28166-2_9
M3 - Conference contribution
SN - 9783642281655
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 89
EP - 96
BT - Engineering Secure Software and Systems - 4th International Symposium, ESSoS 2012, Proceedings
T2 - 4th International Symposium on Engineering Secure Software and Systems, ESSoS 2012
Y2 - 16 February 2012 through 17 February 2012
ER -