Software Risk Assessment for Windows Operating Systems with respect to CVSS
HyunChul Joh
Additional contact information
HyunChul Joh: Department of Computer Engineering, Kyungil University, Gyeongsan City, Gyeongbuk 38428, South Korea
European Journal of Engineering and Technology Research, 2019, vol. 4, issue 11, 41-45
Abstract:
CVSS is recognized as a de facto standard for categorizing and measuring software vulnerabilities in both how easy for exploitation for the given security bug and how much impact on a system having the vulnerability in a sense of the three security factors. Meanwhile, since the early 2000s, quantitative risk assessments of software systems had been able to be examined thanks to the accumulated enough datasets for a scientific investigation. However, there are still a lot of research attempts not to be taken in a quantitative examination of software risk assessments. In this paper, we are quantitatively analyzing CVSS scores in vulnerabilities from the three most recent Windows products, namely, Windows 7, Windows 8.1 and Windows 10. The result shows that AML vulnerability discovery model represents Windows vulnerability discovery trend reasonably. Furthermore, we found explicitly that, most of the time, security bugs are compromised with no authentication required systems. This result is corresponding with the output from the previous research based on Web browsers.
Keywords: Software Security Vulnerability; Windows OSes; CVSS; Quantitative Software Risk Assessment. (search for similar items in EconPapers)
Date: 2019
References: Add references at CitEc
Citations:
Downloads: (external link)
https://eu-opensci.org/index.php/ejeng/article/view/61610 Abstract page (text/html)
https://eu-opensci.org/index.php/ejeng/article/download/61610/12275 Full text (application/pdf)
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:epw:ejeng0:v:4:y:2019:i:11:id:61610
DOI: 10.24018/ejeng.2019.4.11.1610
Access Statistics for this article
More articles in European Journal of Engineering and Technology Research from European Open Science
Bibliographic data for series maintained by Support ().