Empirical relation between coupling and attackability in software systems: A case study on DOS

PLAS 2006 - Proceedings of the 2006 Programming Languages and Analysis for Security Workshop

Volumn 2006, Issue , 2006, Pages 57-64

  Liu, Michael Yanguo ^a   Traore, Issa ^a  

^a UNIVERSITY OF VICTORIA   (Canada)

Author keywords

Attackability; Denial of Service; Security Engineering; Software Metrics; Software Quality

Indexed keywords

COMPUTER SOFTWARE; CORRELATION METHODS; REGRESSION ANALYSIS; SECURITY OF DATA;

ATTACKABILITY; DENIAL OF SERVICE; SECURITY ENGINEERING; SOFTWARE METRICS; SOFTWARE QUALITY;

COMPUTER PROGRAMMING LANGUAGES;

EID: 33745963755     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (15)

1. S. Brocklehurst, B. Littlewood, T. Olovsson, E. Johsson, On Measurement of Operational Security, Proceedings of the 9th Annual Conference on Computer Assurance, 1994.
2. A. Chou, J. Yang, B. Chelf, S. Hallen, D. Engler, An empirical study of operating systems errors, ACM Symposium on Operating Systems Principles, Oct. 2001, pp. 73-88.
3. E. N. Fenton, M. Meil, A Critique of Software Defect Prediction Models, IEEE Transaction on Software Engineering, VOL, 25, No. 3, May/June, 1999.
4. J. Gray, A census of tandem system availability between 1985 and 1990, IEEE Transactions on Software Engineering, vol. 39, no. 4, Oct. 1990.
5. M. Howard, J. Pincus. J. M. Wing, Measuring Relative Attack Surfaces, Proceeding of Workshop on Advanced Developments in Software and System Security, 2003.
6. B. Littlewood, S. Brocklehurst, E. N. Fenton, P. Mellor, S. Page, D. Wright, Towards Operational Measures of Computer Security, Journal of Computer Security 2.2/3 (1993) p. 211-229.
7. I. Lee, R. Iyer, Faults, Symptoms, And Software Fault Tolerance In The Tandem GUARDIAN Operating System, Proceedings of the International Symposium on Fault-Tolerant Computing, 1993.
8. M. Y. Liu, I. Troare, UML-based Security Measures of Software Products. International Workshop on Methodologies for Pervasive and Embedded Software (MOMPES'04), 4th International Conference on Application of Concurrency to System Design (ACSD-04), Hamilton, Ontario, Canada, June 2004.
9. R. Ortalo, Y. Deswarte, M. Kaaniche, Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security. IEEE Transactions on Software Engineering 25,5 (1999) p.633-650.
10. M. Sullivan, R. Chillarge, Software Defects And Their Impact On System 118 Availability, Proceedings of the International Symposium on Fault-Tolerant Computing, June 1991.
11. J. Voas, A. Ghosh, G. McGraw, F. Charron, K. Miller, Defining an Adaptive Software Security Metric from a Dynamic Software Failure Tolerance Measure, Proceedings of the 11th Annual Conference on Computer Assurance, 1996.
12. M. Andrews, J. A. Whittaker, How to Break Web Software, Addison-Wekley, 2005.
13. http://www.javaperformancetuning.com/tools/jprobe/
14. http://tomcat.apache.org/
15. http://www.eviews.com/eviews4/