1 resultado para VULNERABILITIES
em Coffee Science - Universidade Federal de Lavras
Filtro por publicador
- University of Cagliari UniCA Eprints (1)
- Abertay Research Collections - Abertay University’s repository (1)
- Academic Research Repository at Institute of Developing Economies (1)
- AMS Tesi di Dottorato - Alm@DL - Università di Bologna (1)
- AMS Tesi di Laurea - Alm@DL - Università di Bologna (1)
- Andina Digital - Repositorio UASB-Digital - Universidade Andina Simón Bolívar (1)
- Aquatic Commons (6)
- Archive of European Integration (5)
- Archivo Digital para la Docencia y la Investigación - Repositorio Institucional de la Universidad del País Vasco (1)
- Aston University Research Archive (6)
- B-Digital - Universidade Fernando Pessoa - Portugal (1)
- Biblioteca de Teses e Dissertações da USP (3)
- Biblioteca Digital | Sistema Integrado de Documentación | UNCuyo - UNCUYO. UNIVERSIDAD NACIONAL DE CUYO. (1)
- Biblioteca Digital da Câmara dos Deputados (1)
- Biblioteca Digital da Produção Intelectual da Universidade de São Paulo (4)
- Biblioteca Digital da Produção Intelectual da Universidade de São Paulo (BDPI/USP) (1)
- Biblioteca Digital de la Universidad Católica Argentina (1)
- Biblioteca Digital de Teses e Dissertações Eletrônicas da UERJ (12)
- BORIS: Bern Open Repository and Information System - Berna - Suiça (9)
- Boston University Digital Common (3)
- Brock University, Canada (1)
- Cambridge University Engineering Department Publications Database (1)
- CentAUR: Central Archive University of Reading - UK (5)
- Chinese Academy of Sciences Institutional Repositories Grid Portal (3)
- Cochin University of Science & Technology (CUSAT), India (2)
- Coffee Science - Universidade Federal de Lavras (1)
- Comissão Econômica para a América Latina e o Caribe (CEPAL) (17)
- Dalarna University College Electronic Archive (1)
- Deakin Research Online - Australia (71)
- Digital Commons - Michigan Tech (1)
- Digital Commons at Florida International University (8)
- DigitalCommons@The Texas Medical Center (3)
- Doria (National Library of Finland DSpace Services) - National Library of Finland, Finland (3)
- DRUM (Digital Repository at the University of Maryland) (1)
- Duke University (3)
- Ecology and Society (1)
- eResearch Archive - Queensland Department of Agriculture; Fisheries and Forestry (1)
- Glasgow Theses Service (2)
- Illinois Digital Environment for Access to Learning and Scholarship Repository (1)
- Indian Institute of Science - Bangalore - Índia (1)
- Instituto Politécnico de Viseu (1)
- Instituto Superior de Psicologia Aplicada - Lisboa (1)
- Massachusetts Institute of Technology (1)
- Memoria Académica - FaHCE, UNLP - Argentina (3)
- Ministerio de Cultura, Spain (1)
- National Center for Biotechnology Information - NCBI (1)
- Nottingham eTheses (1)
- Portal de Revistas Científicas Complutenses - Espanha (3)
- Portal do Conhecimento - Ministerio do Ensino Superior Ciencia e Inovacao, Cape Verde (1)
- Publishing Network for Geoscientific & Environmental Data (3)
- QSpace: Queen's University - Canada (1)
- QUB Research Portal - Research Directory and Institutional Repository for Queen's University Belfast (27)
- Queensland University of Technology - ePrints Archive (55)
- RCAAP - Repositório Científico de Acesso Aberto de Portugal (13)
- RDBU - Repositório Digital da Biblioteca da Unisinos (1)
- ReCiL - Repositório Científico Lusófona - Grupo Lusófona, Portugal (1)
- Repositório Aberto da Universidade Aberta de Portugal (1)
- Repositório Alice (Acesso Livre à Informação Científica da Embrapa / Repository Open Access to Scientific Information from Embrapa) (1)
- Repositório Científico da Universidade de Évora - Portugal (5)
- Repositório Científico do Instituto Politécnico de Lisboa - Portugal (1)
- Repositorio de la Universidad de Cuenca (1)
- Repositório digital da Fundação Getúlio Vargas - FGV (10)
- Repositório Institucional da Universidade de Aveiro - Portugal (1)
- Repositório Institucional da Universidade de Brasília (4)
- Repositório Institucional da Universidade Estadual de São Paulo - UNESP (1)
- Repositório Institucional da Universidade Federal do Rio Grande - FURG (1)
- Repositório Institucional da Universidade Federal do Rio Grande do Norte (1)
- Repositorio Institucional de la Universidad de Málaga (1)
- Repositório Institucional UNESP - Universidade Estadual Paulista "Julio de Mesquita Filho" (25)
- Research Open Access Repository of the University of East London. (3)
- SAPIENTIA - Universidade do Algarve - Portugal (1)
- Savoirs UdeS : plateforme de diffusion de la production intellectuelle de l’Université de Sherbrooke - Canada (2)
- Universidad de Alicante (1)
- Universidad del Rosario, Colombia (7)
- Universidad Politécnica de Madrid (11)
- Universidade Complutense de Madrid (1)
- Universidade de Lisboa - Repositório Aberto (3)
- Universidade Federal de Uberlândia (1)
- Universidade Federal do Pará (3)
- Universidade Federal do Rio Grande do Norte (UFRN) (9)
- Universidade Técnica de Lisboa (1)
- Universitätsbibliothek Kassel, Universität Kassel, Germany (1)
- Université de Lausanne, Switzerland (2)
- Université de Montréal (4)
- Université de Montréal, Canada (12)
- Université Laval Mémoires et thèses électroniques (1)
- University of Michigan (1)
- University of Queensland eSpace - Australia (3)
- University of Southampton, United Kingdom (1)
- University of Washington (3)
- WestminsterResearch - UK (1)
- Worcester Research and Publications - Worcester Research and Publications - UK (1)
Resumo:
Security defects are common in large software systems because of their size and complexity. Although efficient development processes, testing, and maintenance policies are applied to software systems, there are still a large number of vulnerabilities that can remain, despite these measures. Some vulnerabilities stay in a system from one release to the next one because they cannot be easily reproduced through testing. These vulnerabilities endanger the security of the systems. We propose vulnerability classification and prediction frameworks based on vulnerability reproducibility. The frameworks are effective to identify the types and locations of vulnerabilities in the earlier stage, and improve the security of software in the next versions (referred to as releases). We expand an existing concept of software bug classification to vulnerability classification (easily reproducible and hard to reproduce) to develop a classification framework for differentiating between these vulnerabilities based on code fixes and textual reports. We then investigate the potential correlations between the vulnerability categories and the classical software metrics and some other runtime environmental factors of reproducibility to develop a vulnerability prediction framework. The classification and prediction frameworks help developers adopt corresponding mitigation or elimination actions and develop appropriate test cases. Also, the vulnerability prediction framework is of great help for security experts focus their effort on the top-ranked vulnerability-prone files. As a result, the frameworks decrease the number of attacks that exploit security vulnerabilities in the next versions of the software. To build the classification and prediction frameworks, different machine learning techniques (C4.5 Decision Tree, Random Forest, Logistic Regression, and Naive Bayes) are employed. The effectiveness of the proposed frameworks is assessed based on collected software security defects of Mozilla Firefox.