
2022 | Original Paper | Book chapter

Analyzing Interrelationships Among Software Vulnerabilities Using Fuzzy DEMATEL Approach

Authors: Misbah Anjum, P. K. Kapur, Vernika Agarwal, Vivek Kumar

Published in: Reliability and Maintainability Assessment of Industrial Systems

Publisher: Springer International Publishing


Abstract

The rising number of data breaches is pressuring software organizations to build and maintain secure software. Although not all attacks can be anticipated or prevented, many can be avoided by eliminating vulnerabilities in the software. Once vulnerabilities have been discovered, security teams need a way to understand how they depend on one another, so that they can identify which vulnerabilities pose the greatest risk and demand immediate attention. Limited budget and tester time add pressure to select the vulnerabilities that are both highly severe and a cause of other severe flaws. Addressing such defects first requires understanding the cause-and-effect relationships among the vulnerabilities. This chapter proposes a framework for assessing these interrelationships among software vulnerability types using the Fuzzy Decision-Making Trial and Evaluation Laboratory (F-DEMATEL) method. Fuzzy set theory handles the imprecision of the expert judgements used in the decision mapping, whereas the DEMATEL technique maps the contextual (cause-effect) links between the vulnerability types. The framework is validated with data from a software testing company located in northern India.
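The F-DEMATEL computation the abstract describes, written out as an added worked example. This is not the chapter's code or data: the four vulnerability categories, the three experts' ratings, the five-level triangular fuzzy linguistic scale and the use of CFCS defuzzification (Opricovic and Tzeng, 2003) are all assumptions made here for illustration, since the chapter's actual scale, categories and survey data are not on this page. The DEMATEL steps themselves (aggregate, defuzzify, normalise, total-relation matrix T = D(I - D)^-1, prominence D+R and net effect D-R) are the standard method.

```python
"""Fuzzy DEMATEL walk-through: cause/effect analysis of vulnerability types.

Added illustration, not the chapter's code or data. The categories, the
expert ratings and the linguistic scale below are constructed (assumed).
"""
from typing import Dict, List, Tuple

Fuzzy = Tuple[float, float, float]  # triangular fuzzy number (l, m, u)

# Assumed five-level linguistic scale, common in fuzzy DEMATEL studies.
SCALE: Dict[str, Fuzzy] = {
    "N": (0.00, 0.00, 0.25),   # no influence
    "L": (0.00, 0.25, 0.50),   # low influence
    "M": (0.25, 0.50, 0.75),   # medium influence
    "H": (0.50, 0.75, 1.00),   # high influence
    "VH": (0.75, 1.00, 1.00),  # very high influence
}

# Constructed vulnerability types; the chapter's own categories are not on this page.
TYPES = ["input validation", "injection", "access control", "data exposure"]

# Constructed expert judgements: EXPERTS[k][i][j] = influence of type i on type j.
EXPERTS: List[List[List[str]]] = [
    [["N", "VH", "H", "H"], ["N", "N", "M", "H"], ["N", "L", "N", "VH"], ["N", "N", "L", "N"]],
    [["N", "H", "VH", "H"], ["N", "N", "M", "VH"], ["N", "L", "N", "H"], ["N", "N", "N", "N"]],
    [["N", "VH", "H", "M"], ["N", "N", "L", "H"], ["N", "M", "N", "VH"], ["N", "L", "N", "N"]],
]


def aggregate(experts: List[List[List[str]]]) -> List[List[Fuzzy]]:
    """Average the experts' triangular numbers component-wise (fuzzy direct-relation matrix)."""
    n, k = len(experts[0]), len(experts)
    return [[tuple(sum(SCALE[e[i][j]][c] for e in experts) / k for c in range(3))
             for j in range(n)] for i in range(n)]


def cfcs(matrix: List[List[Fuzzy]]) -> List[List[float]]:
    """CFCS defuzzification (Opricovic and Tzeng, 2003) over the whole matrix."""
    lo = min(f[0] for row in matrix for f in row)
    hi = max(f[2] for row in matrix for f in row)
    delta = (hi - lo) or 1.0  # guard against an all-equal matrix
    crisp = []
    for row in matrix:
        crow = []
        for l, m, u in row:
            xl, xm, xu = (l - lo) / delta, (m - lo) / delta, (u - lo) / delta
            xls = xm / (1 + xm - xl)          # left normalised score
            xus = xu / (1 + xu - xm)          # right normalised score
            x = (xls * (1 - xls) + xus * xus) / (1 - xls + xus)  # total normalised score
            crow.append(lo + x * delta)
        crisp.append(crow)
    return crisp


def invert(a: List[List[float]]) -> List[List[float]]:
    """Gauss-Jordan inverse with partial pivoting (enough for a small DEMATEL matrix)."""
    n = len(a)
    aug = [list(a[i]) + [1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(aug[r][col]))
        aug[col], aug[piv] = aug[piv], aug[col]
        p = aug[col][col]
        if abs(p) < 1e-12:
            raise ValueError("singular matrix: I - D is not invertible")
        aug[col] = [v / p for v in aug[col]]
        for r in range(n):
            if r != col:
                f = aug[r][col]
                aug[r] = [rv - f * cv for rv, cv in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def dematel(crisp: List[List[float]]) -> Dict[str, List]:
    """Classic DEMATEL: zero diagonal, normalise, T = D (I - D)^-1, then D+R and D-R."""
    n = len(crisp)
    a = [[0.0 if i == j else crisp[i][j] for j in range(n)] for i in range(n)]
    s = max(max(sum(r) for r in a), max(sum(a[i][j] for i in range(n)) for j in range(n)))
    d = [[v / s for v in row] for row in a]
    inv = invert([[(1.0 if i == j else 0.0) - d[i][j] for j in range(n)] for i in range(n)])
    t = [[sum(d[i][k] * inv[k][j] for k in range(n)) for j in range(n)] for i in range(n)]
    given = [sum(row) for row in t]                             # D: influence exerted
    recvd = [sum(t[i][j] for i in range(n)) for j in range(n)]  # R: influence received
    return {"T": t,
            "prominence": [given[i] + recvd[i] for i in range(n)],
            "net_effect": [given[i] - recvd[i] for i in range(n)]}


def analyse(experts=EXPERTS, types=TYPES) -> Dict[str, List]:
    """Full F-DEMATEL pipeline; positive net effect = cause group, otherwise effect group."""
    res = dematel(cfcs(aggregate(experts)))
    res["cause_group"] = [types[i] for i, v in enumerate(res["net_effect"]) if v > 0]
    res["effect_group"] = [types[i] for i, v in enumerate(res["net_effect"]) if v <= 0]
    return res


if __name__ == "__main__":
    r = analyse()
    for name, p, e in zip(TYPES, r["prominence"], r["net_effect"]):
        print(f"{name:17s} D+R={p:6.3f}  D-R={e:+6.3f}")
    print("cause group :", r["cause_group"])
    print("effect group:", r["effect_group"])
```

Running the script prints prominence (D+R, how entangled a type is overall) and net effect (D-R) for each constructed type. Types with positive D-R form the cause group, which is where the abstract argues scarce remediation effort should go first, because fixing them removes the root of other severe flaws; types with negative D-R are effects and are better treated as symptoms. A useful sanity check on any DEMATEL run is that the net effects sum to zero, since total influence given equals total influence received; and the total-relation matrix must be non-negative, which holds whenever the normalisation keeps the spectral radius of D below one.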


Metadata
Title
Analyzing Interrelationships Among Software Vulnerabilities Using Fuzzy DEMATEL Approach
Authors
Misbah Anjum
P. K. Kapur
Vernika Agarwal
Vivek Kumar
Copyright year
2022
DOI
https://doi.org/10.1007/978-3-030-93623-5_13
