Vulnerability discovery in multiple version software systems: open source and commercial software systems
| dc.contributor.author | Kim, Jin Yoo, author | |
| dc.contributor.author | Malaiya, Yashwant K., advisor | |
| dc.contributor.author | Jayasumana, Anura P., committee member | |
| dc.contributor.author | Ray, Indrakshi, committee member | |
| dc.date.accessioned | 2007-01-03T04:43:05Z | |
| dc.date.available | 2007-01-03T04:43:05Z | |
| dc.date.issued | 2007 | |
| dc.description | Department Head: L. Darrell Whitley. | |
| dc.description.abstract | The vulnerability discovery process for a program describes the rate at which the vulnerabilities are discovered. A model of the discovery process can be used to estimate the number of vulnerabilities likely to be discovered in the near future. Past studies have considered vulnerability discovery only for individual software versions, without considering the impact of shared code among successive versions and the evolution of source code. These affecting factors in vulnerability discovery process need to be taken into account estimate the future software vulnerability discovery trend more accurately. This thesis examines possible approaches for taking these factors into account in the previous works. We implemented these factors on vulnerability discovery process. We examine a new approach for quantitatively vulnerability discovery process, based on shared source code measurements among multiple version software system. The applicability of the approach is examined using Apache HTTP Web server and Mysql DataBase Management System (DBMS). The result of this approach shows better goodness of fit than fitting result in the previous researches. Using this revised software vulnerability discovery process, the superposition effect which is an unexpected vulnerability discovery in the previous researches could be determined by software discovery model. The multiple software vulnerability discovery model (MVDM) shows that vulnerability discovery rate is different with single vulnerability discovery model's (SVDM) discovery rate because of newly considered factors. From these result, we create and applied new SVDM for open source and commercial software. This single vulnerability process is examined, and the model testing result shows that SVDM can be an alternative modeling. The modified vulnerability discovery model will be presented for supporting previous researches' weakness, and the theoretical modeling will be discuss for more accurate explanation. | |
| dc.format.medium | masters theses | |
| dc.identifier | 2007_summer_Kim_COMS.pdf | |
| dc.identifier | ETDF2007100001COMS | |
| dc.identifier.uri | http://hdl.handle.net/10217/26808 | |
| dc.language | English | |
| dc.language.iso | eng | |
| dc.publisher | Colorado State University. Libraries | |
| dc.relation | Catalog record number (MMS ID): 991024394269703361 | |
| dc.relation | QA76.76.C68.K56 2007 | |
| dc.relation.ispartof | 2000-2019 | |
| dc.rights | Copyright and other restrictions may apply. User is responsible for compliance with all applicable laws. For information about copyright law, please see https://libguides.colostate.edu/copyright. | |
| dc.title | Vulnerability discovery in multiple version software systems: open source and commercial software systems | |
| dc.type | Text | |
| dcterms.rights.dpla | This Item is protected by copyright and/or related rights (https://rightsstatements.org/vocab/InC/1.0/). You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s). | |
| thesis.degree.discipline | Computer Science | |
| thesis.degree.grantor | Colorado State University | |
| thesis.degree.level | Masters | |
| thesis.degree.name | Master of Science (M.S.) |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 2007_summer_Kim_COMS.pdf
- Size:
- 856.97 KB
- Format:
- Adobe Portable Document Format
- Description: