Quantitative vulnerability assessment of systems software

Alhazmi, Omar H.; Malaiya, Yashwant K.

doi:10.1109/rams.2005.1408432

Cited by 76 publications

(87 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The technical support for that version and hence the frequency of update patches will then begin to decline. This s-shaped behavior shown in Figure 4 can be described by a time-based model introduced earlier by Alhazmi and Malaiya [16]. Let y be the cumulative number of vulnerabilities.…”

Section: Modeling the Vulnerability Discovery Processmentioning

confidence: 96%

“…The similarity of the plots in the later phase suggests that Windows 98 and Windows 95 shared a significant fraction of the code. The installed base of Windows 98 peaked during 1999-2000 [16]. At some time after this, the discovery rates of vulnerabilities in both versions slowed down.…”

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

“…The slope is significantly sharper than for Windows 98. The sharpness of the curve for XP is explained by its fast adoption rate [16], making finding vulnerabilities in XP more rewarding. Windows 98 has showed a longer learning phase followed by a linear accumulation, later followed by saturation.…”

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

“…Unlike the two previous figures, we do not observe a prominent time-lag between the two. The reason is that both of them gained installed base gradually [16]. The use of NT peaked around end of 2001, but its share did not drop dramatically as the share for Win2000 grew.…”

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

“…Anderson [15] has proposed a model for a vulnerability-finding rate using a thermodynamics analogy. Alhazmi and Malaiya [16] have presented two models for the process of vulnerabilities discovery using data for Windows 98 and NT 4.0. In the current work we focus on the density of defects in software that constitute vulnerabilities, using data from five versions of Windows and two versions of Red Hat Linux.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Security Vulnerabilities in Software Systems: A Quantitative Perspective

Alhazmi

Malaiya

Ray

2005

Data and Applications Security XIX

View full text Add to dashboard Cite

Abstract. Security and reliability are important attributes of complex software systems. It is now common to use quantitative methods for evaluating and managing reliability. In this work we examine the feasibility of quantitatively characterizing some aspects of security.In particular, we investigate if it is possible to predict the number of vulnerabilities that can potentially be identified in a future release of a software system. We use several major operating systems as representatives of complex software systems. The data on vulnerabilities discovered in some of the popular operating systems is analyzed. We examine this data to determine if the density of vulnerabilities in a program is a useful measure. We try to identify what fraction of software defects are security related, i.e., are vulnerabilities. We examine the dynamics of vulnerability discovery hypothesizing that it may lead us to an estimate of the magnitude of the undiscovered vulnerabilities still present in the system. We consider the vulnerability-discovery rate to see if models can be developed to project future trends. Finally, we use the data for both commercial and open-source systems to determine whether the key observations are generally applicable. Our results indicate that the values of vulnerability densities fall within a range of values, just like the commonly used measure of defect density for general defects. Our examination also reveals that vulnerability discovery may be influenced by several factors including sharing of codes between successive versions of a software system.

show abstract

Section: Modeling the Vulnerability Discovery Processmentioning

confidence: 96%

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

Section: An Examination Of the Remaining Vulnerabilitiesmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Security Vulnerabilities in Software Systems: A Quantitative Perspective

Alhazmi

Malaiya

Ray

2005

Data and Applications Security XIX

View full text Add to dashboard Cite

show abstract

Modeling Skewness in Vulnerability Discovery

Joh

Malaiya

2013

Quality & Reliability Eng

View full text Add to dashboard Cite

A vulnerability discovery model attempts to model the rate at which the vulnerabilities are discovered in a software product. Recent studies have shown that the S-shaped Alhazmi-Malaiya Logistic (AML) vulnerability discovery model often fits better than other models and demonstrates superior prediction capabilities for several major software systems. However, the AML model is based on the logistic distribution, which assumes a symmetrical discovery process with a peak in the center. Hence, it can be expected that when the discovery process does not follow a symmetrical pattern, an asymmetrical distribution based discovery model might perform better. Here, the relationship between performance of S-shaped vulnerability discovery models and the skewness in target vulnerability datasets is examined. To study the possible dependence on the skew, alternative S-shaped models based on the Weibull, Beta, Gamma and Normal distributions are introduced and evaluated. The models are fitted to data from eight major software systems. The applicability of the models is examined using two separate approaches: goodness of fit test to see how well the models track the data, and prediction capability using average error and average bias measures. It is observed that an excellent goodness of fit does not necessarily result in a superior prediction capability. The results show that when the prediction capability is considered, all the right skewed datasets are represented better with the Gamma distribution-based model. The symmetrical models tend to predict better for left skewed datasets; the AML model is found to be the best among them.

show abstract

A taxonomy framework based on ITU‐TX‐805 security architecture for quantitative determination of computer network vulnerabilities

Mohammadi

Sherkat

Jamporazmey

2012

Security Comm Networks

View full text Add to dashboard Cite

Network vulnerability taxonomy has become increasingly important in the area of information and data exchange for its potential use not only in identification of vulnerabilities but also in their assessment and prioritization. Computer networks play an important role in information and communication infrastructure. However, they are constantly exposed to a variety of vulnerability risks. In their attempts to create secure information exchange systems, scientists have concentrated on understanding the nature and typology of these vulnerabilities. Their efforts aimed at establishing secure networks have led to the development of a variety of methods and techniques for quantifying vulnerability. The objectives of the present paper are twofold: (1) to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU‐TX‐805 security architecture and (2) to develop a method on the basis of the second edition of Common Vulnerability Scoring System for the quantification of vulnerabilities within the proposed taxonomy framework. It is expected that the framework proposed in this paper will provide a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. Copyright © 2012 John Wiley & Sons, Ltd.

show abstract

Quantitative vulnerability assessment of systems software

Cited by 76 publications

References 8 publications

Security Vulnerabilities in Software Systems: A Quantitative Perspective

Security Vulnerabilities in Software Systems: A Quantitative Perspective

Modeling Skewness in Vulnerability Discovery

A taxonomy framework based on ITU‐TX‐805 security architecture for quantitative determination of computer network vulnerabilities

Contact Info

Product

Resources

About