Vulnerability analysis for a quantitative security evaluation

@article{Vache2009VulnerabilityAF,
  title={Vulnerability analysis for a quantitative security evaluation},
  author={Geraldine Vache},
  journal={2009 3rd International Symposium on Empirical Software Engineering and Measurement},
  year={2009},
  pages={526-534}
}
  • Geraldine Vache
  • Published in
    3rd International Symposium…
    2009
  • Computer Science
  • This paper presents the quantitative characterization of vulnerability life cycle and of exploit creation by probability distributions. This work aims at helping the production of quantitative measures of information system security considering system environment. In this paper, we focus on two environmental factors: 1) the vulnerability life cycle and 2) the attacker behaviour. We look for the probability distributions and their parameters that could model quantatively these environmental… CONTINUE READING

    Create an AI-powered research feed to stay up to date with new papers like this posted to ArXiv

    Figures, Tables, and Topics from this paper.

    Citations

    Publications citing this paper.
    SHOWING 1-10 OF 16 CITATIONS

    A Vulnerability Life Cycle-Based Security Modeling and Evaluation Approach

    VIEW 4 EXCERPTS
    CITES BACKGROUND & METHODS
    HIGHLY INFLUENCED

    Évaluation quantitative de la sécurité. Approche basée sur les vulnérabilités

    VIEW 4 EXCERPTS
    CITES BACKGROUND
    HIGHLY INFLUENCED

    A Comprehensive Quality of Service Evaluation in Mimic System

    VIEW 1 EXCERPT
    CITES BACKGROUND

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 15 REFERENCES

    Assessing the risk of using vulnerable components

    VIEW 1 EXCERPT

    Milk or Wine: Does Software Security Improve with Age?

    VIEW 1 EXCERPT

    Security vulnerability categories in major software systems

    VIEW 1 EXCERPT

    A taxonomy of network and computer attacks

    VIEW 1 EXCERPT

    Is Fiding Security Holes a Good Idea

    • E. Rescola
    • IEEE Security and Privacy,
    • 2005
    VIEW 1 EXCERPT