Repository logo
 

Vulnerability discovery in multiple version software systems: open source and commercial software systems

dc.contributor.authorKim, Jin Yoo, author
dc.contributor.authorMalaiya, Yashwant K., advisor
dc.contributor.authorJayasumana, Anura P., committee member
dc.contributor.authorRay, Indrakshi, committee member
dc.date.accessioned2007-01-03T04:43:05Z
dc.date.available2007-01-03T04:43:05Z
dc.date.issued2007
dc.descriptionDepartment Head: L. Darrell Whitley.
dc.description.abstractThe vulnerability discovery process for a program describes the rate at which the vulnerabilities are discovered. A model of the discovery process can be used to estimate the number of vulnerabilities likely to be discovered in the near future. Past studies have considered vulnerability discovery only for individual software versions, without considering the impact of shared code among successive versions and the evolution of source code. These affecting factors in vulnerability discovery process need to be taken into account estimate the future software vulnerability discovery trend more accurately. This thesis examines possible approaches for taking these factors into account in the previous works. We implemented these factors on vulnerability discovery process. We examine a new approach for quantitatively vulnerability discovery process, based on shared source code measurements among multiple version software system. The applicability of the approach is examined using Apache HTTP Web server and Mysql DataBase Management System (DBMS). The result of this approach shows better goodness of fit than fitting result in the previous researches. Using this revised software vulnerability discovery process, the superposition effect which is an unexpected vulnerability discovery in the previous researches could be determined by software discovery model. The multiple software vulnerability discovery model (MVDM) shows that vulnerability discovery rate is different with single vulnerability discovery model's (SVDM) discovery rate because of newly considered factors. From these result, we create and applied new SVDM for open source and commercial software. This single vulnerability process is examined, and the model testing result shows that SVDM can be an alternative modeling. The modified vulnerability discovery model will be presented for supporting previous researches' weakness, and the theoretical modeling will be discuss for more accurate explanation.
dc.format.mediummasters theses
dc.identifier2007_summer_Kim_COMS.pdf
dc.identifierETDF2007100001COMS
dc.identifier.urihttp://hdl.handle.net/10217/26808
dc.languageEnglish
dc.language.isoeng
dc.publisherColorado State University. Libraries
dc.relationCatalog record number (MMS ID): 991024394269703361
dc.relationQA76.76.C68.K56 2007
dc.relation.ispartof2000-2019
dc.rightsCopyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright.
dc.titleVulnerability discovery in multiple version software systems: open source and commercial software systems
dc.typeText
dcterms.rights.dplaThis Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
thesis.degree.disciplineComputer Science
thesis.degree.grantorColorado State University
thesis.degree.levelMasters
thesis.degree.nameMaster of Science (M.S.)

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
2007_summer_Kim_COMS.pdf
Size:
856.97 KB
Format:
Adobe Portable Document Format
Description: