Studying software vulnerabilities

Robin A. Gandhi, Harvey Siy, Yan Wu

Research output: Chapter in Book/Report/Conference proceeding › Chapter

  • 8 Citations

Abstract

There have been several research efforts to enumerate and categorize software weaknesses that lead to vulnerabilities. To consolidate these efforts, the Common Weakness Enumeration (CWE) is a community-developed dictionary of software weakness types and their relationships. Yet, using the CWE to study and prevent vulnerabilities in specific software projects is difficult. This article presents a novel approach for using the CWE to organize and integrate the vulnerability information recorded in large project repositories.

Language: English (US)
Title of host publication: CrossTalk
Pages: 16-20
Number of pages: 5
Volume: 23
Edition: 9-10
State: Published - 2010

Fingerprint

Glossaries

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction

Cite this

Gandhi, R. A., Siy, H., & Wu, Y. (2010). Studying software vulnerabilities. In CrossTalk (9-10 ed., Vol. 23, pp. 16-20)

Scopus record: http://www.scopus.com/inward/record.url?scp=77956769752&partnerID=8YFLogxK