Vulnerability Discovery Model
Vulnerability Discovery Model (VDM) is used to estimate future vulnerability discovery process/trend. There are several VDMs:
- Alhazmi-Malaiya: Time based model (Alhazmi-Malaiya Logistic (AML) model)[1]
- Alhazmi-Malaiya: Effort based model[1]
- Rescorla: Quadratic Model and Exponential Model [2]
- Anderson: Thermodynamic Model[3]
- Kim: Weibull Model[4]
- Linear Model
- Hump-Shaped Model[5]
- Independent and Dependent Model[6]
- Vulnerability Discovery Modeling using Bayesian model averaging[7]
See also
- Attack (computing)
- Computer security
- Information security
- IT risk
- Threat (computer)
- Vulnerability (computing)
References
- ^ a b O. H. Alhazmi and Y. K. Malaiya, “Quantitative vulnerability assessment of systems software,” in Proc. Annual Reliability and Maintainability Symposium, January 2005, pp. 615–620.
- ^ E. Rescola, “Is finding security holes a good idea?,” Security and Privacy, pp. 14–19, Jan./Feb. 2005.
- ^ R. J. Anderson, “Security in open versus closed systems—The dance of Boltzmann, Coase and Moore,” in Open Source Software: Economics, Law and Policy. Toulouse, France: , June 20–21, 2002.
- ^ HyunChul Joh, Jinyoo Kim, Yashwant K. Malaiya, "Vulnerability Discovery Modeling Using Weibull Distribution," issre, pp. 299–300, 2008 19th International Symposium on Software Reliability Engineering, 2008.
- ^ Anand, Adarsh; Bhatt, Navneet (2016-05-12). "Vulnerability Discovery Modeling and Weighted Criteria Based Ranking". Journal of the Indian Society for Probability and Statistics. 17 (1): 1–10. doi:10.1007/s41096-016-0006-4. ISSN 2364-9569.
- ^ "VDM" (PDF).
{{cite web}}: Cite has empty unknown parameter:|dead-url=(help) - ^ Johnston; et al. (March 2019). "Bayesian-model averaging using MCMCBayes for web-browser vulnerability discovery". Reliability Engineering & System Safety. 183: 341–359. doi:10.1016/j.ress.2018.11.030.
{{cite journal}}: Explicit use of et al. in:|author=(help)