Trust and risk assessment model of popular software based on known vulnerabilities
Abstract
Full Text:
PDFReferences
S. Zhang, X. Ou, and D. Caragea, "Predicting Cyber Risks through National Vulnerability Database," emph{Information Security Journal: A Global Perspective}, vol.24, 2015, pp. 194-206, DOI: 10.1080/19393555.2015.1111961
S. Zhang, D. Caragea, and X. Ou, "An Emperical Study on Using the National Vulnerability Database to Predict Software Vulnerabilities," emph{LNCS 6860}, 2011, pp. 217-231, DOI: 10.1007/978-3-642-23088-2_15
K. Ingols, M. Chu, R. Lippmann, S. Webster, S. Boyer, "Modeling modern network attacks and countermeasures using attack graphs," emph{Annual Computer Security Conference}, ACSAC, 2009, DOI: 10.1109/ACSAC.2009.21
M. McQueen, T. McQueen, W. Boyer, M. Chaffin, "Empirical estimates and observations of 0day vulnerabilities," emph{42nd Hawaii International Conference on System Sciences}, 2009, pp. 1-12
A. Ozment, Vulnerability Discovery & Software Security, emph{PhD thesis}, University of Cambridge, 2007
A. Felkner, "Review and analysis of sources of information about vulnerabilities," emph{Przegląd telekomunikacyjny i wiadomości telekomunikacyjne}, vol. 8-9/2016, 2016, pp. 929-933, DOI: 10.15199/59.2016.8-9.37
Symantec http://www.symantec.com/security_response/landing/vulnerabilities.jsp - access date: 02.05.2017
Common Vulnerabilities and Exposures (CVE) http://www.cve.mitre.org/ access date: 02.05.2017
Dragonsoft vulnerability database http://vdb.dragonsoft.com/ - access date: 02.05.2016, currently not accessible
National Vulnerability Database http://nvd.nist.gov/ access date: 02.05.2017
SecurityFocus http://www.securityfocus.com/vulnerabilities/ - access date: 02.05.2017
Security Tracker http://www.securitytracker.com/ - access date: 02.05.2017
US-CERT vulnerability notes database http://www.kb.cert.org/vuls/ - access date: 02.05.2017
The Computer Incident Response Center Luxembourg http://cve.circl.lu/ - access date: 02.05.2017
CVEdetails http://www.cvedetails.com/ - access date: 02.05.2017
Fulldisclosure http://seclists.org/fulldisclosure/ - access date: 02.05.2017
Exploit-db http://www.exploit-db.com/ - access date: 02.05.2017
Intelligent Exploit http://www.intelligentexploit.com/ - access date: 02.05.2016, currently not accessible
Metasploit (Rapid7) https://www.rapid7.com/db/ - access date: 02.05.2017
Sans http://isc.sans.edu/diary/ - access date:02.05.2017
Vulnerability-lab http://www.vulnerability-lab.com - access date:02.05.2017
Vulners.com https://vulners.com/ - access date:02.05.2017
Vfeed https://github.com/toolswatch/vFeed - access date:02.05.2017
CPE dcitionary: https://cpe.mitre.org/ - access date:02.05.2017
Refbacks
- There are currently no refbacks.
International Journal of Electronics and Telecommunications
is a periodical of Electronics and Telecommunications Committee
of Polish Academy of Sciences
eISSN: 2300-1933