loading
Documentation
  • Login
  • Sign-Up

Research.Publish.Connect.

Paper

Authors: Daniel Hein and Hossein Saiedian

Affiliation: University of Kansas, United States

ISBN: 978-989-758-167-0

Keyword(s): Secure Software Engineering, Software Vulnerability, Information Security, Vulnerability Prediction Model.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: Identification of attack-prone entities is a crucial step toward improving the state of information security in modern software based systems. Recent work in the fields of empirical software engineering and defect prediction show promise toward identifying and prioritizing attack prone entities using information extracted from software version control repositories. Equipped with knowledge of the most vulnerable entities, organizations can efficiently allocate resources to more effectively leverage secure software development practices, isolating and expunging vulnerabilities before they are released in production products. Such practices include security reviews, automated static analysis, and penetration testing, among others. Efficiently focusing secure development practices on entities of greatest need can help identify and eliminate vulnerabilities in a more cost effective manner when compared to wholesale application for large products.

PDF ImageFull Text

Download
Sign In Guest: Register as new SCITEPRESS user or Join INSTICC now for free.

Sign In SCITEPRESS user: please login.

Sign In INSTICC Members: please login. If not a member yet, Join INSTICC now for free.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.225.16.58. INSTICC members have higher download limits (free membership now)

In the current month:
Recent papers: 1 available of 1 total
2+ years older papers: 2 available of 2 total

Paper citation in several formats:
Hein D. and Saiedian H. (2016). Predicting Attack Prone Software Components using Repository Mined Change Metrics.In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 554-563. DOI: 10.5220/0005812905540563

@conference{icissp16,
author={Daniel Hein and Hossein Saiedian},
title={Predicting Attack Prone Software Components using Repository Mined Change Metrics},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={554-563},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005812905540563},
isbn={978-989-758-167-0},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Predicting Attack Prone Software Components using Repository Mined Change Metrics
SN - 978-989-758-167-0
AU - Hein D.
AU - Saiedian H.
PY - 2016
SP - 554
EP - 563
DO - 10.5220/0005812905540563

Sorted by: Show papers

Note: The preferred Subjects/Areas/Topics, listed below for each paper, are those that match the selected paper topics and their ontology superclasses.
More...

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.

Show authors

Note: The preferred Subjects/Areas/Topics, listed below for each author, are those that more frequently used in the author's papers.
More...