An Software Vulnerability Number Prediction Model Based on Micro-Parameters

Nie Chujiang; Zhao Xianfeng; Chen Kai; Han Zhengqing

Journal of Computer Research and Development > 2011 > 48(7): 1279-1287.

Nie Chujiang, Zhao Xianfeng, Chen Kai, Han Zhengqing. An Software Vulnerability Number Prediction Model Based on Micro-Parameters[J]. Journal of Computer Research and Development, 2011, 48(7): 1279-1287.

Citation:

PDF (1407 KB)

An Software Vulnerability Number Prediction Model Based on Micro-Parameters

1(State Key Laboratory of Information Security(Institute of Software, Chinese Academy of Sciences), Beijing 100190) 2(State Key Laboratory of Information Security(Graduate University of Chinese Academy of Sciences), Beijing 100049) 3(Institute of Computing Technology of Northern Jiaotong University, Beijing 100029)

More Information

Published Date: July 14, 2011

Graphical Abstract

Abstract

Abstract

As the cost caused by software vulnerabilities keeps increasing, people pay more and more attention to the researches on the vulnerability. Although discovering vulnerability is difficult because of the defect of vulnerability analysis, to predict the number of vulnerabilities is very useful in some domain, such as information security assessment. At present, the main methods to estimate the density of the vulnerabilities focus on the macro level, but they can not reflect the essential of vulnerability. A prediction model based on micro-parameter is proposed to predict the number of vulnerability with the micro-parameters of software, and it extracts the typical micro-parameters from some software series for the purpose of discovering the relationship between the vulnerability number and micro-parameters. With the hypothesis of vulnerability inheriting, the prediction model abstracts the micro-parameters from software and tries to find a linear relationship between the vulnerability number and some micro-parameters. This model also gives a method to predict the vulnerability number of software with its micro-parameters and the vulnerability number of its previous versions. This method is verified with 7 software series, and the results show the prediction model is effective.
- vulnerability predicts,
- software analysis,
- inherited vulnerability,
- history vulnerability,
- microscopic parameters

FullText(HTML)

References (0)

[1]	Liu Yanfang, Li Wenbin, Gao Yang. Adaptive Neighborhood Embedding Based Unsupervised Feature Selection[J]. Journal of Computer Research and Development, 2020, 57(8): 1639-1649. DOI: 10.7544/issn1000-1239.2020.20200219
[2]	Yao Sheng, Xu Feng, Zhao Peng, Ji Xia. Intuitionistic Fuzzy Entropy Feature Selection Algorithm Based on Adaptive Neighborhood Space Rough Set Model[J]. Journal of Computer Research and Development, 2018, 55(4): 802-814. DOI: 10.7544/issn1000-1239.2018.20160919
[3]	Zhang Yuanpeng, Deng Zhaohong, Chung Fu-lai, Hang Wenlong, Wang Shitong. Fast Self-Adaptive Clustering Algorithm Based on Exemplar Score Strategy[J]. Journal of Computer Research and Development, 2018, 55(1): 163-178. DOI: 10.7544/issn1000-1239.2018.20160937
[4]	Gu Lianchao, Cui Lizhen. A Scalable and Self-Adjust Multi-Tenant Data Storage Strategy Under Different SLAs[J]. Journal of Computer Research and Development, 2014, 51(9): 2058-2069. DOI: 10.7544/issn1000-1239.2014.20131339
[5]	Bi Xiaojun, Liu Guo'an, Xiao Jing. Dynamic Adaptive Differential Evolution Based on Novel Mutation Strategy[J]. Journal of Computer Research and Development, 2012, 49(6): 1288-1297.
[6]	Gong Maoguo, Cheng Gang, Jiao Licheng, and Liu Chao. Nondominated Individual Selection Strategy Based on Adaptive Partition for Evolutionary Multi-Objective Optimization[J]. Journal of Computer Research and Development, 2011, 48(4): 545-557.
[7]	Fan Xiaoqin, Jiang Changjun, Fang Xianwen, Ding Zhijun. Dynamic Web Service Selection Based on Discrete Particle Swarm Optimization[J]. Journal of Computer Research and Development, 2010, 47(1): 147-156.
[8]	Zeng Zhiqiang, Wu Qun, Liao Beishui, Zhu Shunzhi. An Improved Working Set Selection Strategy for Sequential Minimal Optimization Algorithm[J]. Journal of Computer Research and Development, 2009, 46(11): 1925-1933.
[9]	Liu Anfeng, Chen Zhigang, Long Guoping, and Zeng Zhiwen. A Resource Optimizing Scheduling Algorithm of Differentiated Service of Double Minimum Balance in Web Clusters[J]. Journal of Computer Research and Development, 2005, 42(11): 1969-1976.
[10]	Xu Mingwei, Hu Chunming, Liu Xudong, and Ma Dianfu. Research and Implementation of Web Service Differentiated QoS[J]. Journal of Computer Research and Development, 2005, 42(4): 669-675.