Distributed Monitoring in Ad Hoc Networks: Conformance and Security Checking
ADHOC-NOW '08 Proceedings of the 7th international conference on Ad-hoc, Mobile and Wireless Networks
An advanced approach for modeling and detecting software vulnerabilities
Information and Software Technology
Measuring and ranking attacks based on vulnerability analysis
Information Systems and e-Business Management
| Hi-index | 0.00 |
When vulnerabilities are discovered in software, which often happens after deployment, they must be addressed as part of ongoing software maintenance. A mature software development organization should analyze vulnerabilities in order to determine how they, and similar vulnerabilities, can be prevented in the future. In this paper we present a structured method for analyzing and documenting the causes of software vulnerabilities. Applied during software maintenance, the method generates the information needed for improving the software development process, to prevent similar vulnerabilities in future releases. Our approach is based on vulnerability cause graphs, a structured representation of causes of software vulnerabilities.