|
|||||
|
|
| 一种多周期漏洞发布预测模型 | |
| 引用本文: | 陈恺,冯登国,苏璞睿,聂楚江,张晓菲.一种多周期漏洞发布预测模型[J].软件学报,2010,21(9):2367-2375. |
| 作者姓名: | 陈恺 冯登国 苏璞睿 聂楚江 张晓菲 |
| 作者单位: | 1. 中国科学院,研究生院,信息安全国家重点实验室,北京,100049;中国科学院,软件研究所,信息安全国家重点实验室,北京,100190;信息安全共性技术国家工程研究中心,北京,100190 2. 中国科学院,研究生院,信息安全国家重点实验室,北京,100049;中国科学院,软件研究所,信息安全国家重点实验室,北京,100190 3. 中国科学院,软件研究所,信息安全国家重点实验室,北京,100190 4. 中国信息安全产品测评认证中心,北京,100089 |
| 基金项目: | Supported by the National Natural Science Foundation of China under Grant Nos.60703076, 60970028 (国家自然科学基金); the National High-Tech Research and Development Plan of China under Grant Nos.2006AA01Z412, 2007AA01Z451, 2007AA01Z475, 2007AA01Z465, 2007AA01A414 |
| 摘 要: | 提出了一种多周期漏洞发布预测模型,描述了漏洞发现数量与时间的关系,预测漏洞发布过程.该模型引入周期概念,扩展了原单一增长过程的漏洞发布预测模型,增大了现有模型的适用范围.提出了相关参数的计算方法与初值选取方法,对8个版本的Windows操作系统进行实验分析.结果表明,该模型增加了预测过程的有效性,同时提高了预测结果的准确性. |
| 关 键 词: | 漏洞 预测 模型 多周期 CSF |
| 收稿时间: | 9/3/2008 12:00:00 AM |
| 修稿时间: | 2009/4/10 0:00:00 |
Multi-Cycle Vulnerability Discovery Model for Prediction |
|
| CHEN Kai,FENG Deng-Guo,SU Pu-Rui,NIE Chu-Jiang and ZHANG Xiao-Fei.Multi-Cycle Vulnerability Discovery Model for Prediction[J].Journal of Software,2010,21(9):2367-2375. | |
| Authors: | CHEN Kai FENG Deng-Guo SU Pu-Rui NIE Chu-Jiang and ZHANG Xiao-Fei |
| Abstract: | This paper presents a multi-cycle vulnerability discovery model which shows the vulnerability discovery process and the relationship between the number of vulnerabilities and their release time. The model makes use of a cycle, which expands the scope of old models. A method is proposed to compute the parameters of this model to fit the discover process of the target software. Different rules are also given to find the initial values. Experiments are made on eight Windows operating systems. The results show that this model is more effective and more accurate than current models. |
| Keywords: | vulnerability predict model multi-cycle CSF |
| 本文献已被 万方数据 等数据库收录! | |
| 点击此处可从《软件学报》浏览原始摘要信息 | |
| 点击此处可从《软件学报》下载全文 | |