Poster: Towards automated quantitative analysis and forecasting of vulnerability discoveries in Debian GNU/Linux

Abstract

Quantitative analysis and forecasting of software vulnerability discoveries is important for patching cost and time estimation, and as input to security metrics and risk assessment methodologies. However, as of now, quantitative studies (a) require considerable manual effort, (b) make use of noisy datasets, and (c) are especially challenging to reproduce. In this poster abstract we describe our ongoing work towards quantitative analysis of vulnerabilities in Debian GNU/Linux packages. We focus on the challenges of making the process as automated and reproducible as possible, while collecting good-quality data necessary for the analysis. We then state a number of interesting hypotheses that can be investigated, and present preliminary results.

Cite

Alexopoulos, N., Egert, R., Grube, T., & Mühlhäuser, M. (2019). Poster: Towards automated quantitative analysis and forecasting of vulnerability discoveries in Debian GNU/Linux. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 2677–2679). Association for Computing Machinery. https://doi.org/10.1145/3319535.3363285
