2015 | Original Paper | Book chapter

Predicting Severity of Software Vulnerability Based on Grey System Theory

Authors: Jinkun Geng, Daren Ye, Ping Luo

Published in: Algorithms and Architectures for Parallel Processing

Publisher: Springer International Publishing


Abstract

Vulnerabilities usually represent the risk level of software; therefore, it is of high value to predict vulnerabilities in order to evaluate the security level of software. Current research mainly focuses on predicting the number of vulnerabilities or the time at which vulnerabilities occur; however, to the best of our knowledge, there is no other research focusing on the prediction of vulnerabilities' severity, which we consider an important aspect reflecting vulnerabilities and software security. To address this gap, we propose a novel method based on grey system theory to predict the severity of vulnerabilities. The experiment is carried out on real data collected from CVE and demonstrates the feasibility of our prediction method.


Metadata
Title
Predicting Severity of Software Vulnerability Based on Grey System Theory
Authors
Jinkun Geng
Daren Ye
Ping Luo
Copyright year
2015
DOI
https://doi.org/10.1007/978-3-319-27161-3_13