• norsk
    • English
  • norsk 
    • norsk
    • English
  • Logg inn
Vis innførsel 
  •   Hjem
  • Øvrige samlinger
  • Publikasjoner fra CRIStin - NTNU
  • Vis innførsel
  •   Hjem
  • Øvrige samlinger
  • Publikasjoner fra CRIStin - NTNU
  • Vis innførsel
JavaScript is disabled for your browser. Some features of this site may not work without it.

Vulnerability Discovery Modelling With Vulnerability Severity

Ankur, Shukla; Katt, Basel; Nweke, Livinus Obiora
Peer reviewed, Journal article
Accepted version
Thumbnail
Åpne
Ankur (274.0Kb)
Permanent lenke
https://hdl.handle.net/11250/2651590
Utgivelsesdato
2019
Metadata
Vis full innførsel
Samlinger
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi [1563]
  • Publikasjoner fra CRIStin - NTNU [19793]
Originalversjon
10.1109/CICT48419.2019.9066187
Sammendrag
Web browsers are primary targets of attacks because of their extensive uses and the fact that they interact with sensitive data. Vulnerabilities present in a web browser can pose serious risk to millions of users. Thus, it is pertinent to address these vulnerabilities to provide adequate protection for personally identifiable information. Research done in the past has showed that few vulnerability discovery models (VDMs) highlight the characterization of vulnerability discovery process. In these models, severity which is one of the most crucial properties has not been considered. Vulnerabilities can be categorized into different levels based on their severity. The discovery process of each kind of vulnerabilities is different from the other. Hence, it is essential to incorporate the severity of the vulnerabilities during the modelling of the vulnerability discovery process. This paper proposes a model to assess the vulnerabilities present in the software quantitatively with consideration for the severity of the vulnerabilities. It is possible to apply the proposed model to approximate the number of vulnerabilities along with vulnerability discovery rate, future occurrence of vulnerabilities, risk analysis, etc. Vulnerability data obtained from one of the major web browsers (Google Chrome) is deployed to examine goodness-of-fit and predictive capability of the proposed model. Experimental results justify the fact that the model proposed herein can estimate the required information better than the existing VDMs.
Utgiver
Institute of Electrical and Electronics Engineers (IEEE)
Tidsskrift
IEEE Conference Publication

Kontakt oss | Gi tilbakemelding

Personvernerklæring
DSpace software copyright © 2002-2019  DuraSpace

Levert av  Unit
 

 

Bla i

Hele arkivetDelarkiv og samlingerUtgivelsesdatoForfattereTitlerEmneordDokumenttyperTidsskrifterDenne samlingenUtgivelsesdatoForfattereTitlerEmneordDokumenttyperTidsskrifter

Min side

Logg inn

Statistikk

Besøksstatistikk

Kontakt oss | Gi tilbakemelding

Personvernerklæring
DSpace software copyright © 2002-2019  DuraSpace

Levert av  Unit