loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Daniel Hein and Hossein Saiedian

Affiliation: University of Kansas, United States

Keyword(s): Secure Software Engineering, Software Vulnerability, Information Security, Vulnerability Prediction Model.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: Identification of attack-prone entities is a crucial step toward improving the state of information security in modern software based systems. Recent work in the fields of empirical software engineering and defect prediction show promise toward identifying and prioritizing attack prone entities using information extracted from software version control repositories. Equipped with knowledge of the most vulnerable entities, organizations can efficiently allocate resources to more effectively leverage secure software development practices, isolating and expunging vulnerabilities before they are released in production products. Such practices include security reviews, automated static analysis, and penetration testing, among others. Efficiently focusing secure development practices on entities of greatest need can help identify and eliminate vulnerabilities in a more cost effective manner when compared to wholesale application for large products.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.222.121.160

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Hein, D. and Saiedian, H. (2016). Predicting Attack Prone Software Components using Repository Mined Change Metrics. In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-167-0; ISSN 2184-4356, SciTePress, pages 554-563. DOI: 10.5220/0005812905540563

@conference{icissp16,
author={Daniel Hein and Hossein Saiedian},
title={Predicting Attack Prone Software Components using Repository Mined Change Metrics},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP},
year={2016},
pages={554-563},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005812905540563},
isbn={978-989-758-167-0},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - ICISSP
TI - Predicting Attack Prone Software Components using Repository Mined Change Metrics
SN - 978-989-758-167-0
IS - 2184-4356
AU - Hein, D.
AU - Saiedian, H.
PY - 2016
SP - 554
EP - 563
DO - 10.5220/0005812905540563
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic