A Vulnerability Discovery Model (VDM) uses discovery event data with software reliability models for predicting the same. A thorough presentation of VDM techniques is available in.[1] Numerous model implementations are available in the
MCMCBayes open source repository. Several VDM examples include:
Alhazmi-Malaiya: Time based model (Alhazmi-Malaiya Logistic (AML) model)[2]
^Johnston, Reuben (August 31, 2018). A Multivariate Bayesian Approach to Modeling Vulnerability Discovery in the Software Security Lifecycle (PhD). The George Washington University.
^
abO. H. Alhazmi and Y. K. Malaiya, “Quantitative
vulnerability assessment of systems software,” in Proc. Annual Reliability and Maintainability Symposium, January 2005, pp. 615–620.
^E. Rescola, “Is finding security holes a good idea?,” Security and Privacy, pp. 14–19, Jan./Feb. 2005.
^R. J. Anderson, “Security in open versus closed systems—The dance of Boltzmann, Coase and Moore,” in
Open Source Software: Economics, Law and Policy. Toulouse, France, June 20–21, 2002.
^HyunChul Joh, Jinyoo Kim, Yashwant K. Malaiya, "Vulnerability Discovery Modeling Using
Weibull Distribution," issre, pp. 299–300, 2008 19th International Symposium on
Software Reliability Engineering, 2008.
^Anand, Adarsh; Bhatt, Navneet (2016-05-12). "Vulnerability Discovery Modeling and Weighted Criteria Based Ranking". Journal of the Indian Society for Probability and Statistics. 17 (1): 1–10.
doi:
10.1007/s41096-016-0006-4.
ISSN2364-9569.
S2CID111649745.
A Vulnerability Discovery Model (VDM) uses discovery event data with software reliability models for predicting the same. A thorough presentation of VDM techniques is available in.[1] Numerous model implementations are available in the
MCMCBayes open source repository. Several VDM examples include:
Alhazmi-Malaiya: Time based model (Alhazmi-Malaiya Logistic (AML) model)[2]
^Johnston, Reuben (August 31, 2018). A Multivariate Bayesian Approach to Modeling Vulnerability Discovery in the Software Security Lifecycle (PhD). The George Washington University.
^
abO. H. Alhazmi and Y. K. Malaiya, “Quantitative
vulnerability assessment of systems software,” in Proc. Annual Reliability and Maintainability Symposium, January 2005, pp. 615–620.
^E. Rescola, “Is finding security holes a good idea?,” Security and Privacy, pp. 14–19, Jan./Feb. 2005.
^R. J. Anderson, “Security in open versus closed systems—The dance of Boltzmann, Coase and Moore,” in
Open Source Software: Economics, Law and Policy. Toulouse, France, June 20–21, 2002.
^HyunChul Joh, Jinyoo Kim, Yashwant K. Malaiya, "Vulnerability Discovery Modeling Using
Weibull Distribution," issre, pp. 299–300, 2008 19th International Symposium on
Software Reliability Engineering, 2008.
^Anand, Adarsh; Bhatt, Navneet (2016-05-12). "Vulnerability Discovery Modeling and Weighted Criteria Based Ranking". Journal of the Indian Society for Probability and Statistics. 17 (1): 1–10.
doi:
10.1007/s41096-016-0006-4.
ISSN2364-9569.
S2CID111649745.