Classifying common security vulnerabilities by software type

Onyeka Ezenwoye, Yi Liu, William Patten

Research output: Chapter in Book/Report/Conference proceedingConference contribution

3 Scopus citations

Abstract

The National Vulnerability Database does not identify a type for the software that is impacted by a specified weakness. To gain some insight into the security vulnerability landscape, we classify by software type a total of 51,110 vulnerability entries from 2015 to 2019. The software types are operating system, browser, middleware, utility, web application, framework, and server. This classification shows the pattern of prevalence of software weaknesses and the persistence of weaknesses as they pertain to each software type.

Original languageEnglish (US)
Title of host publicationSEKE 2020 - Proceedings of the 32nd International Conference on Software Engineering and Knowledge Engineering
PublisherKnowledge Systems Institute Graduate School
Pages61-64
Number of pages4
ISBN (Electronic)1891706500
DOIs
StatePublished - 2020
Event32nd International Conference on Software Engineering and Knowledge Engineering, SEKE 2020 - Pittsburgh, Virtual, United States
Duration: Jul 9 2020Jul 19 2020

Publication series

NameProceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
VolumePartF162440
ISSN (Print)2325-9000
ISSN (Electronic)2325-9086

Conference

Conference32nd International Conference on Software Engineering and Knowledge Engineering, SEKE 2020
Country/TerritoryUnited States
CityPittsburgh, Virtual
Period7/9/207/19/20

Keywords

  • Security
  • Software
  • Taxonomy
  • Vulnerability
  • Weakness

ASJC Scopus subject areas

  • Software

Fingerprint

Dive into the research topics of 'Classifying common security vulnerabilities by software type'. Together they form a unique fingerprint.

Cite this