Title :
Estimating Software Vulnerabilities
Author :
Jones, Jeffrey R.
Author_Institution :
Microsoft, Redmond
Abstract :
Any given piece of software has some number of publicly disclosed vulnerabilities at any moment, leaving the system exposed to potential attack. A method for identifying and analyzing these vulnerabilities uses public data from easily accessible sources.
Keywords :
computer crime; software metrics; performance metrics; software vulnerability estimation; Computer hacking; Computer industry; Data analysis; Data security; Databases; Delay; Linux; Open source software; Software measurement; Web server; Microsoft; data; software vulnerabilities; vulnerability disclosure;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2007.81
