Vulnerability Prediction Models (VPMs) are used to predict vulnerability-prone modules, and many software security metrics have now been proposed. In this paper, we predict vulnerability-prone components. Based on a software network graph, we define component cohesion and coupling metrics, which are used as security metrics to build the VPM. To validate the prediction performance, we conduct an empirical study on Firefox 3.6. Comparing the results with those of other works shows that our model performs well in accuracy, precision, and recall, and indicates that the proposed metrics are also effective in vulnerability prediction.
CITATION STYLE
Wei, S., Du, X., Hu, C., & Shan, C. (2017). Predicting vulnerable software components using software network graph. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10581 LNCS, pp. 280–290). Springer Verlag. https://doi.org/10.1007/978-3-319-69471-9_21