Assessing computer security vulnerability
ACM SIGOPS Operating Systems Review
Security in computing
A Metrics Suite for Object Oriented Design
IEEE Transactions on Software Engineering
Software Security: Building Security In
Software Security: Building Security In
Companion of the 30th international conference on Software engineering
A systematic method for generating quality requirements spectrum
Proceedings of the 2009 ACM symposium on Applied Computing
Spectrum Analysis for Quality Requirements by Using a Term-Characteristics Map
CAiSE '09 Proceedings of the 21st International Conference on Advanced Information Systems Engineering
Can complexity, coupling, and cohesion metrics be used as early indicators of vulnerabilities?
Proceedings of the 2010 ACM Symposium on Applied Computing
The fluid software metadata framework (FSM)
Proceedings of the 2nd ACM SIGCHI symposium on Engineering interactive computing systems
A comparison of software design security metrics
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Using complexity, coupling, and cohesion metrics as early indicators of vulnerabilities
Journal of Systems Architecture: the EUROMICRO Journal
SSL VPNs: SSL VPN and return on investment: A possible combination
Network Security
Improving software security using search-based refactoring
SSBSE'12 Proceedings of the 4th international conference on Search Based Software Engineering
Hi-index | 0.00 |
Software security metrics are measurements to assess security related imperfections (or perfections) introduced during software development. A number of security metrics have been proposed. However, all the perspectives of a software system have not been provided specific attention. While most security metrics evaluate software from a system-level perspective, it can also be useful to analyze defects at a lower level, i.e., at the source code level. To address this issue, we propose some code-level security metrics which can be used to suggest the level of security of a code segment. We provide guidelines about where and how these metrics can be used to improve source code structures. We have also conducted two case studies to demonstrate the applicability of the proposed metrics.