Modeling the delivery of security advisories and CVEs
نویسندگان
چکیده
This empirical paper models three structural factors that are hypothesized to affect the turnaround times between the publication of security advisories and Common Vulnerabilities and Exposures (CVEs). The three structural factors are: (i) software product age at the time of advisory release; (ii) severity of vulnerabilities coordinated; and (iii) amounts of CVEs referenced in advisories. Although all three factors are observed to provide only limited information for statistically predicting the turnaround times in a dataset comprised of Microsoft, openSUSE, and Ubuntu operating system products, the paper outlines new research directions for better understanding the current problems related to vulnerability coordination.
منابع مشابه
A Survey of Security issues in Collaborative Virtual Environment
Collaborative virtual environments (CVEs) are computerenabled distributed systems that allow multiple users to work on different computers which are interconnected through different networks to interact in a shared virtual world. The security of CVE system becomes an important part of the system, because a weakness in CVEs might lead unpleasant results. In this paper, we survey the CVE systems ...
متن کاملFormal approach on modeling and predicting of software system security: Stochastic petri net
To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...
متن کاملOptimal Strategies of Increasing Business Alignment, in Social Security Organization, with Quality Function Deployment (QFD) Approach
Considering the importance of the concept of strategic alignment of information technology (IT) in today economic organizations, this study attempted to extract the organization's IT strategies in order to increase the degree of strategic alignment and consequently the optimal strategies in the field of marketing and service delivery for social security organization. Using QFD technique and hie...
متن کاملZero-inflated negative binomial modeling, efficiency for analysis of length of maternity hospitalization
Background: Mothers’ delivery is one of the most common hospitalization factors throughout the world and it’s modeling can explain distribution and effective factors on rising and decreasing of it. The objective of the present study was a suitable modeling for mother hospitalization time and comparing it with different models. Materials & Methods: Present study is an observational and cross-s...
متن کاملA Game Theoretic Approach in Strategy Generation for Moving Target Defense in Web Applications
The present complexity in designing web applications makes software security a difficult goal to achieve. An attacker can explore a deployed service on the web and attack at his/her own leisure. Moving Target Defense (MTD) in web applications is an effective mechanism to nullify this advantage of their reconnaissance but the framework demands a good switching strategy when switching between mul...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Comput. Sci. Inf. Syst.
دوره 14 شماره
صفحات -
تاریخ انتشار 2017