Analysis of software vulnerability classification based on different technical parameters

被引:11
|
作者
Garg, Shivi [1 ]
Singh, R. K. [1 ]
Mohapatra, A. K. [1 ]
机构
[1] Indira Gandhi Delhi Tech Univ Women, Informat Technol Dept, New Delhi, India
来源
INFORMATION SECURITY JOURNAL | 2019年 / 28卷 / 1-2期
关键词
Malicious; malware; software; security; taxonomy; vulnerability; EMBEDDED SYSTEMS SECURITY; ATTACK; MODEL;
D O I
10.1080/19393555.2019.1628325
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents a comprehensive analysis of software vulnerabilities based on different technical parameters. The taxonomy of vulnerabilities presented here offers an insight into their frequency; susceptibility; correlation with instances or events, exploits, and artifacts; and assessment of the successful countermeasures. Furthermore, this paper presents the current state-of-the-art in the domain of software threats and vulnerabilities. In addition, it highlights various methods for identification of different types of vulnerabilities. These methods have their own advantages, associated costs, and inherent risks. The current work would help analyze various threats that a system could face, and subsequently it could guide the security engineer to take quick and cost-effective countermeasures.
引用
收藏
页码:1 / 19
页数:19
相关论文
共 50 条
  • [1] An Automatic Software Vulnerability Classification Framework
    Davari, Maryam
    Zulkernine, Mohammad
    Jaafar, Fehmi
    PROCEEDINGS 2017 INTERNATIONAL CONFERENCE ON SOFTWARE SECURITY AND ASSURANCE (ICSSA), 2017, : 44 - 49
  • [2] Context-Aware Software Vulnerability Classification Using Machine Learning
    Siewruk, Grzegorz
    Mazurczyk, Wojciech
    IEEE ACCESS, 2021, 9 : 88852 - 88867
  • [3] Vulnerability impact analysis in software project dependencies based on Satisfiability Modulo Theories (SMT)
    Marquez, A. German
    Varela-Vaca, Angel Jesus
    Lopez, Maria Teresa Goemez
    Galindo, Jose A.
    Benavides, David
    COMPUTERS & SECURITY, 2024, 139
  • [4] Taxonomic Analysis of Classification Schemes in Vulnerability Databases
    Tripathi, Anshu
    Singh, Umesh Kumar
    2011 6TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCES AND CONVERGENCE INFORMATION TECHNOLOGY (ICCIT), 2012, : 686 - 691
  • [5] Advisory: Vulnerability analysis in software development project dependencies
    Marquez, German
    Galindo, Jose A.
    Varela-Vaca, Angel Jesus
    Gomez Lopez, Maria Teresa
    Benavides, David
    26TH ACM INTERNATIONAL SYSTEMS AND SOFTWARE PRODUCT LINE CONFERENCE, SPLC 2022, VOL B, 2022, : 99 - 102
  • [6] Vulnerability-Aware Resilient Networks: Software Diversity-Based Network Adaptation
    Zhang, Qisheng
    Cho, Jin-Hee
    Moore, Terrence J.
    Chen, Ing-Ray
    IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2021, 18 (03): : 3154 - 3169
  • [7] Vulnerability analysis of GPS receiver software
    Gonzalez, G. Mori
    Petrunin, I.
    Zbikowski, R.
    Voutsis, K.
    Moreno, R. Verdeguer
    2019 INTERNATIONAL CONFERENCE ON LOCALIZATION AND GNSS (ICL-GNSS), 2019,
  • [8] Software Vulnerability Analysis and Discovery Using Deep Learning Techniques: A Survey
    Zeng, Peng
    Lin, Guanjun
    Pan, Lei
    Tai, Yonghang
    Zhang, Jun
    IEEE ACCESS, 2020, 8 : 197158 - 197172
  • [9] Time Lag-Based Modelling for Software Vulnerability Exploitation Process
    Anand A.
    Bhatt N.
    Kaur J.
    Tamura Y.
    Journal of Cyber Security and Mobility, 2021, 10 (04): : 663 - 678
  • [10] LIVABLE: Exploring Long-Tailed Classification of Software Vulnerability Types
    Wen, Xin-Cheng
    Gao, Cuiyun
    Luo, Feng
    Wang, Haoyu
    Li, Ge
    Liao, Qing
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2024, 50 (06) : 1325 - 1339
12345