Predicting Software Security Vulnerabilities with Component Dependency Graphs  Cited by: 10


Authors: WEI Sheng-jun (危胜军) [1]; HE Tao (何涛); HU Chang-zhen (胡昌振) [1]; SHAN Chun (单纯) [1] (School of Software, Beijing Institute of Technology, Beijing 100081, China)

Affiliation: [1] School of Software, Beijing Institute of Technology, Beijing 100081

Source: Transactions of Beijing Institute of Technology (《北京理工大学学报》), 2018, No. 5, pp. 525-530 (6 pages)

Funding: National Natural Science Foundation of China (U1636115)

Abstract: Aiming at the prediction of vulnerabilities, a vulnerability prediction method based on the component dependency graph was proposed. Firstly, the complexity, coupling and cohesion metrics of a software component were defined based on the component dependency graph. Then these metrics were used to establish a machine learning model to predict vulnerabilities in a component. Finally, a crawler tool was designed and implemented to collect all public security vulnerabilities in Mozilla Firefox from version 1.0 to version 43. Based on these data, the prediction model was trained and tested. The results show that the proposed metrics are also effective in vulnerability prediction.

Keywords: software security; vulnerability prediction; machine learning; component dependency graph

Classification: TP311.5 [Automation and Computer Technology: Computer Software and Theory]

 
