An idea of an independent validation of vulnerability discovery models

V.H. Nguyen, F. Massacci

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit. In this work we describe an independent validation of the applicability of these models to the vulnerabilities of the popular browsers Firefox, Google Chrome and Internet Explorer. The result shows that some VMDs do not simply fit the data, while for others there are both positive and negative evidences. © 2012 Springer-Verlag.
Original languageEnglish
Title of host publicationEngineering Secure Software and Systems - 4th International Symposium, ESSoS 2012, Proceedings
Pages89-96
DOIs
Publication statusPublished - 2012
Externally publishedYes
Event4th International Symposium on Engineering Secure Software and Systems, ESSoS 2012 - , Netherlands
Duration: 16 Feb 201217 Feb 2012

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference4th International Symposium on Engineering Secure Software and Systems, ESSoS 2012
CountryNetherlands
Period16/02/1217/02/12

Fingerprint Dive into the research topics of 'An idea of an independent validation of vulnerability discovery models'. Together they form a unique fingerprint.

Cite this