1 |
O.H. Alhazmi, Y.K. Malaiya, and I. Ray, "Security Vulnerabilities in Software Systems: A Quantitative Perspective," in Proceedings of the Working Conference on Data and Information Security, pp. 281-294, 2005.
|
2 |
H. Okamura, M. Tokuzane, and T. Dohi, "Quantitative Security Evaluation for Software System from Vulnerability Database," Journal of Software Engineering and Applications, vol. 6, no. 4A, pp. 15-23, 2013.
DOI
|
3 |
A. Singh, R. K. Bansal, and N. Jha, "Open Source Software vs Proprietary Software," International Journal of Computer Applications, vol. 114 no. 18, pp. 26-31, 2015.
DOI
|
4 |
S. Dhir and S. Dhir, "Adoption of open-source software versus proprietary software: An exploratory study," Strategic Change, vol. 26, no. 4, pp. 363-371, 2017.
DOI
|
5 |
S. Sridhar, K. Altinkemer, and J. Rees, "Software Vulnerabilities: Open Source versus Proprietary Software Security," in Preceedings of Americas Conference on Information Systems, Omaha, Nebraska, USA, Aug. 2005.
|
6 |
O. H. Alhazmi and Y. K. Malaiya, "Prediction capabilities of vulnerability discovery models," in Proceedings of annual reliability and maintainability symposium, pp. 86-91, 2006.
|
7 |
D. Nettleton, Commercial Data Mining, Chapter 6 -Selection of Variables and Factor Derivation, M. Kaufmann and et al. (Eds.), Boston, pp. 79-104, 2014.
|
8 |
Y. K. Malaiya, N. Karunanithi, and P. Verma, "Predicta-bility of software reliability models," IEEE Transa-ctions on Reliability, vol. 41, no. 4, pp. 539-546, 1992.
DOI
|
9 |
N. Ullah, M. Morisio, and A. Vetro, "A Comparative Analysis of Software Reliability Growth Models using Defects Data of Closed and Open Source Software," in Proceedings of the 35th Annual IEEE Software Engineering Workshop, Greece, pp. 187-192, Oct. 2012.
|
10 |
F.K. Wai, L.W. Yong, D.M. Divakaran, and V.L.L. Thing, "Predicting vulnerability discovery rate using past versions of a software," in Proceedings of the 2018 IEEE International Conference on Service Operations and Logistics, and Informatics, pp. 220-225, 2018.
|
11 |
A. Kaya, A.S. Keceli, C. Catal, and B. Tekinerdogan, "The impact of feature types, classifiers, and data balancing techniques on software vulnerability prediction models," Journal of Software Evolution and Process, vol. 31, no. 9, 2019.
|
12 |
C.P. Pfleeger and S. L. Pfleeger, Security in Computing, 3rd ed., Prentice Hall PTR, 2003.
|
13 |
L. Allodi, "Economic Factors of Vulnerability Trade and Exploitation," in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, TX, USA, pp. 1483-1499, 2017.
|
14 |
K. Scarfone and P. Mell, "An Analysis of CVSS Version 2 Vulnerability Scoring," in Proceedings of the 2009 International Symposium on Empirical Software Engineering and Measurement, pp. 516-525, 2009.
|
15 |
O.H. Alhazmi and Y.K. Malaiya, "Application of Vulnerability Discovery Models to Major Operating Systems," IEEE Transactions on Reliability, vol. 57, no. 1, pp. 14-22, 2008.
DOI
|
16 |
H. Joh, "Assessing Web Browser Security Vulnerabilities with respect toCVSS," Journal of Korea Multimedia Society, vol. 18, no. 2, pp. 199-206, 2015.
DOI
|
17 |
Qualys Inc., "The Laws of Vulnerabilities 2.0" in Black hat 2009, 28 July 2009; https://www.qualys.com/docs/laws-of-vulnerabilities-2.0.pdf
|
18 |
H.K. Browne, W. A. Arbaugh, J. McHugh, and W.L. Fithen, "A trend analysis of exploitation', in Proceedings of IEEE Symposium on Security and Privacy, pp. 214-229, May 2001.
|
19 |
H. Joh and Y. K. Malaiya, "Modeling Skewness in Vulnerability Discovery," Quality and Reliability Engineering International, vol. 30, no. 8, pp. 1445-1459, 2014.
DOI
|
20 |
A. Boulanger, "Open-source versus proprietary software: Is one more reliable and secure than the other?," IBM Systems Journal, vol. 44, no. 2, pp. 239-248, 2005.
DOI
|
21 |
S. H. Houmb, V. N. Franqueira, and E. A. Engum, "Quantifying Security Risk Level from CVSS Estimates of Frequency and Impact," Journal of Systems and Software, vol. 83, no. 9, pp. 1622-1634, 2010.
DOI
|