1 |
O.H. Alhazmi, Y.K. Malaiya, and I. Ray, “Security Vulnerabilities in Software Systems: A Quantitative Perspective,” Proceeding of IFIP WG11.3 Working Conference on Data and Information Security, pp. 281-294, 2005.
|
2 |
M. Rajab, L. Ballard, N. Jagpal, P. Mavrommatis, D. Nojiri, N. Provos, et al., Trends in Circumventing Web-malware Detection, Technical Report, 2011.
|
3 |
C.P. Pfleeger and S.L. Pfleeger, Security in Computing, Prentice Hall PTR, New Jersey, 2003.
|
4 |
O.H. Alhazmi and Y.K. Malaiya, “Application of Vulnerability Discovery Models to Major Operating Systems,” IEEE Transactions on Reliability, Vol. 57, No. 1, pp. 14-22, 2008.
DOI
|
5 |
H. Joh, “Web Browser Secureness with Respect to CVSS,” Proceeding of the 2014 Fall Conference of the Korea Information Processing Society, Vol. 21, No. 2, pp. 464-465, 2014.
|
6 |
S. Frei, T. Duebendorfer, G. Ollmann, and M. May, Understanding the Web Browser Threat: Examination of Vulnerable Online Web Browser Populations and the “Insecurity Iceberg”, ETH Z urich Tech Report Nr. 288, 2008.
|
7 |
O.H. Alhazmi and Y.K. Malaiya, “Prediction Capabilities of Vulnerability Discovery Models,” Proceeding of Reliability and Maintainability Symposium, pp. 86-91, 2006.
|
8 |
H. Joh and Y.K. Malaiya, “Modeling Skewness in Vulnerability Discovery,” Quality and Reliability Engineering International, Vol. 30, No. 8, pp. 1445-1459, 2014.
DOI
|
9 |
P. Mell, K. Scarfone, and S. Romanosky, CVSS: A complete Guide to the Common Vulnerability Scoring System Version 2.0, Forum of Incident Response and Security Teams, 2007.
|
10 |
S.G. Eick, T.L. Graves, A.F. Karr, J. Marron, and A. Mockus, “Does Code Decay? Assessing the Evidence from Change Management Data,” IEEE Transactions on Software Engineering, Vol. 27, No. 1, pp. 1-12, 2001.
DOI
|
11 |
M. Acer and C. Jackson, “Critical Vulnerability in Browser Security Metrics,” Proceeding of Web 2.0 Security and Privacy, IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 2010.
|
12 |
A. Grosskurth and M. Godfrey, “A Reference Architecture for Web Browsers," Proceeding of the 2005 International Conference on Software Maintenance, Budapest, Hungary, pp. 661-664, Sep. 2005.
|
13 |
K. Scarfone and P. Mell, “An Analysis of CVSS Version 2 Vulnerability Scoring,” Proceeding of 3rd International Symposium on Empirical Software Engineering and Measurement, pp. 516-525, 2009.
|
14 |
I. Mun and S. Oh, “Design and Implementation of A Weakness Analyzer for Mobile Applications,” Journal of Korea Multimedia Society, Vol. 14, No. 10, pp. 1335-1347, 2011.
DOI
ScienceOn
|
15 |
T. Duebendorfer and S. Frei, “Web Browser Security Update Effectiveness,” Proceeding of the 4th International Conference on Critical Information Infrastructures Security, pp. 124-137, 2010.
|
16 |
G. Schryen, “Is Open Source Security a Myth? What do Vulnerability and Patch Data Say?,” Communications of the Association for Computing Machinery, Vol. 54, No. 5, pp. 130-140, 2011.
DOI
|
17 |
F. Akiyama, “An Example of Software System Debugging,” Proceeding of International Federation for Information Processing Congress, pp. 353-379, 1971.
|
18 |
B.T. Compton and C. Withrow, “Prediction and Control of ADA Software Defects,” Journal of Systems and Software, Vol. 12, No. 3, pp. 199-207, 1990.
DOI
|
19 |
L. Hatton, “Reexamining the Fault Density Component Size Connection,” IEEE Software, Vol. 14, No. 2, pp. 89-97, 1997.
DOI
|
20 |
J. Rosenberg, “Some Misconceptions About Lines of Code,” Proceeding of the 4th IEEE International Software Metrics Symposium, pp. 137-142, 1997.
|