Visible to the public Vulnerability Prediction Based on Weighted Software Network for Secure Software Building

Submitted by grigby1 on Tue, 11/12/2019 - 4:25pm
TitleVulnerability Prediction Based on Weighted Software Network for Secure Software Building
Publication TypeConference Paper
Year of Publication2018
AuthorsWei, Shengjun, Zhong, Hao, Shan, Chun, Ye, Lin, Du, Xiaojiang, Guizani, Mohsen
Conference Name2018 IEEE Global Communications Conference (GLOBECOM)
ISBN Number978-1-5386-4727-1
KeywordsComplexity theory, Metrics, prediction model, Predictive models, predictive security metrics, program testing, pubcrawl, public security vulnerabilities, secure communications software, secure software building, security, security of data, software metrics, Software Security Metrics, software security testing, software system, Software systems, vulnerability prediction models, vulnerable classes, vulnerable software modules, weighted software network
Abstract

To build a secure communications software, Vulnerability Prediction Models (VPMs) are used to predict vulnerable software modules in the software system before software security testing. At present many software security metrics have been proposed to design a VPM. In this paper, we predict vulnerable classes in a software system by establishing the system's weighted software network. The metrics are obtained from the nodes' attributes in the weighted software network. We design and implement a crawler tool to collect all public security vulnerabilities in Mozilla Firefox. Based on these data, the prediction model is trained and tested. The results show that the VPM based on weighted software network has a good performance in accuracy, precision, and recall. Compared to other studies, it shows that the performance of prediction has been improved greatly in Pr and Re.
URLhttps://ieeexplore.ieee.org/document/8647583
DOI10.1109/GLOCOM.2018.8647583
Citation Keywei_vulnerability_2018
Groups: