Statistical analysis of security violations in computer software

This paper provides an statistical analysis of a large number of security incidents reported over the last five years. These incidents are categorized based on the operating system platform used and the type of vulnerability exploited. This analysis shows that incidents of security breaches have occurred in nearly every operating system, and the exploitation of the buffer overflow problem, insecure/incorrect access control, privilege elevation, and denial of service constitute a significant majority of security attacks today.