TY - GEN
T1 - Predicting vulnerable software components using software network graph
AU - Wei, Shengjun
AU - Du, Xiaojiang
AU - Hu, Changzhen
AU - Shan, Chun
N1 - Publisher Copyright:
© 2017, Springer International Publishing AG.
PY - 2017
Y1 - 2017
N2 - Vulnerability Prediction Models (VPMs) are used to predict vulnerability-prone modules, and many software security metrics have now been proposed. In this paper, we predict vulnerability-prone components. Based on the software network graph, we define component cohesion and coupling metrics, which are used as security metrics to build the VPM. To validate the prediction performance, we conduct an empirical study on Firefox 3.6. We compare the results with those of other works; the comparison shows that our model performs well in accuracy, precision, and recall, and indicates that the proposed metrics are also effective in vulnerability prediction.
AB - Vulnerability Prediction Models (VPMs) are used to predict vulnerability-prone modules, and many software security metrics have now been proposed. In this paper, we predict vulnerability-prone components. Based on the software network graph, we define component cohesion and coupling metrics, which are used as security metrics to build the VPM. To validate the prediction performance, we conduct an empirical study on Firefox 3.6. We compare the results with those of other works; the comparison shows that our model performs well in accuracy, precision, and recall, and indicates that the proposed metrics are also effective in vulnerability prediction.
KW - Component cohesion and coupling
KW - Software network
KW - Software security
KW - Vulnerability prediction
UR - http://www.scopus.com/inward/record.url?scp=85034251228&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-69471-9_21
DO - 10.1007/978-3-319-69471-9_21
M3 - Conference contribution
AN - SCOPUS:85034251228
SN - 9783319694702
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 280
EP - 290
BT - Cyberspace Safety and Security - 9th International Symposium, CSS 2017, Proceedings
A2 - Wu, Wei
A2 - Castiglione, Aniello
A2 - Wen, Sheng
PB - Springer Verlag
T2 - 9th International Symposium on Cyberspace Safety and Security, CSS 2017
Y2 - 23 October 2017 through 25 October 2017
ER -