A Framework For Classification Software Security Using Common Vulnerabilities And Exposures

Hassan, Nor Hafeizah (2018) A Framework For Classification Software Security Using Common Vulnerabilities And Exposures. Doctoral thesis, UTeM.

Text (24 Pages): A Framework For Classification Software Security Using Common Vulnerrabilities And Exposures.pdf - Submitted Version (756kB)

Text (Full Text): A Framework For Classification Software Security Using Common Vulnerabilities And Exposures.pdf - Submitted Version (4MB). Restricted to Registered users only.

Abstract

The main research aim is to investigate what information is necessary to make a formal vulnerability pattern representation. This is done using formal Backus-Naur Form syntax for the execution, presented with a newly created vulnerability flow diagram. Some future works were also proposed to further enhance the elements in the secured software process framework. This thesis focuses on the research and development of the design, formalization and translation of the vulnerability classification pattern through a framework using common vulnerabilities and exposures data. To achieve this aim, the following work was carried out. The first step was to create and conceptualize the necessary meta-process. The second step was to specify the relationship between the classifiers and vulnerability classification patterns. This included the investigation of vulnerability classification objectives, processes, classifiers and focus domains among prominent frameworks. The final step was to construct the framework by establishing the formal presentation of the vulnerability classification algorithm. The validation process was conducted empirically, using a statistical method to assess accuracy and consistency through the precision and recall rate of the algorithm on five data sets, each with 500 samples. The findings show a significant result: the error rate (p value) for precision is between 0.01 and 0.02, and the error rate for recall is between 0.02 and 0.04. Another validation was conducted to verify the correctness of the classification by using expert opinions, and the results showed that the ambiguity of several cases was subdued. A formal-based classification framework with notation may increase accuracy and visualization compared with a hierarchy tree only, but the conclusion remains tentative because of methodological limitations in the studies.

Item Type: Thesis (Doctoral)
Uncontrolled Keywords: Computer software, Reliability, Computer software, Development, Software Security
Subjects: Q Science > Q Science (General)
Q Science > QA Mathematics > QA76 Computer software
Divisions: Library > Tesis > FTMK
Depositing User: Mohd. Nazir Taib
Date Deposited: 04 Sep 2019 03:33
Last Modified: 03 Feb 2022 10:34
URI: http://eprints.utem.edu.my/id/eprint/23353