Navneet Bhatt
Department of Operational Research, University of Delhi, Delhi-110007, India.

Adarsh Anand
Department of Operational Research, University of Delhi, Delhi-110007, India.

V. S. S. Yadavalli
Department of Industrial and Systems Engineering, University of Pretoria, Republic of South Africa.

Vijay Kumar
Amity University, Noida, Uttar Pradesh, India.

DOI https://dx.doi.org/10.33889/IJMEMS.2017.2.4-022

  ;

Abstract

With the association of software security assurance in the development of code based systems; software developers are relying on the Vulnerability discovery models to mitigate the breaches by estimating the total number of vulnerabilities, before they’re exploited by the intruders. Vulnerability Discovery Models (VDMs) provide the quantitative classification of the flaws that exists in a software that will be discovered after a software is released. In this paper, we develop a vulnerability discovery model that accumulate the vulnerabilities due to the influence of previously discovered vulnerabilities. We further evaluate the proportion of previously discovered vulnerabilities along with the fraction additional vulnerabilities detected. The quantification methodology presented in this article has been accompanied with an empirical illustration on popular operating systems’ vulnerability data.

Keywords- Vulnerability discovery modeling, Software security, Vulnerability categorization.

Citation

Bhatt, N., Anand, A., Yadavalli, V. S. S., & Kumar, V. (2017). Modeling and Characterizing Software Vulnerabilities. International Journal of Mathematical, Engineering and Management Sciences, 2(4), 288-299. https://dx.doi.org/10.33889/IJMEMS.2017.2.4-022.