| 基于市场占有率的操作系统安全漏洞检测模型 |
| |
| 引用本文: | 吴彩华,刘俊涛,朱小冬,叶飞. 基于市场占有率的操作系统安全漏洞检测模型[J]. 计算机科学, 2009, 36(4): 159-162 |
| |
| 作者姓名: | 吴彩华 刘俊涛 朱小冬 叶飞 |
| |
| 作者单位: | 军械工程学院6系维修工程研究所,石家庄,050003;军械工程学院5系软件工程教研室,石家庄,050003 |
| |
| 摘 要: | 操作系统等系统软件中的安全漏洞本质上是一种没有满足软件安全性的缺陷.对安全漏洞的检测过程进行深入研究能够使安全测试人员合理分配测试资源,更准确地评估软件的安全性.深入分析了影响操作系统软件安全漏洞检测的因素,认为安全漏洞检测速度与软件的市场占有率、已发现漏洞数和未发现漏洞数成正比.在此基础上建立了基于市场占有率的漏洞检测模型.该模型表明:在软件发布之前只会暴露少量安全漏洞;某些安全漏洞最终不会被检测到.这两个结论已被实际的数据证实.最后用提出的模型分析了三种流行操作系统的漏洞检测数据集.与同类模型相比,模型具有更好的拟合能力与预测能力.
|
| 关 键 词: | 安全漏洞 安全性评估 漏洞检测 |
| 收稿时间: | 2008-05-05 |
Vulnerability Discovery Model Based on Market Share for Operating Systems |
| |
| WU Cai-hua,LIU Jun-tao,ZHU Xiao-dong,YE Fei. Vulnerability Discovery Model Based on Market Share for Operating Systems[J]. Computer Science, 2009, 36(4): 159-162 |
| |
| Authors: | WU Cai-hua LIU Jun-tao ZHU Xiao-dong YE Fei |
| |
| Affiliation: | Maintenance Engineering Institute;Department Six;Mechanism Engineering College;Shijiazhuang 050003 China;Sect.Software Engineering;Department Five;Shijiazhuang 050003;China |
| |
| Abstract: | Essentially,vulnerability is a kind of software defect dissatisfying the security requirements.Research on the process of vulnerability discovery can help the security testers assign the resource correctly and then evaluate the security of the system accurately.The factors influencing the vulnerability discovery were analyzed,and then it is concluded that the change rate of the cumulative number of vulnerabilities is in direct proportion to the market share of the software,number of discovered vulnerabiliti... |
| |
| Keywords: | Vulnerability Security evaluation Vulnerability discovery |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
