Modeling the Delivery of Security Advisories and CVEs
| dc.contributor.author | Ruohonen J | |
| dc.contributor.author | Hyrynsalmi S | |
| dc.contributor.author | Leppanen V | |
| dc.contributor.organization | fi=ohjelmistotekniikka|en=Software Engineering| | |
| dc.contributor.organization-code | 1.2.246.10.2458963.20.71310837563 | |
| dc.contributor.organization-code | 2610302 | |
| dc.converis.publication-id | 26884177 | |
| dc.converis.url | https://research.utu.fi/converis/portal/Publication/26884177 | |
| dc.date.accessioned | 2022-10-28T13:24:25Z | |
| dc.date.available | 2022-10-28T13:24:25Z | |
| dc.description.abstract | This empirical paper models three structural factors that are hypothesized to affect the turnaround times between the publication of security advisories and Common Vulnerabilities and Exposures (CVEs). The three structural factors are: (i) software product age at the time of advisory release; (ii) severity of vulnerabilities coordinated; and (iii) amounts of CVEs referenced in advisories. Although all three factors are observed to provide only limited information for statistically predicting the turnaround times in a dataset comprised of Microsoft, openSUSE, and Ubuntu operating system products, the paper outlines new research directions for better understanding the current problems related to vulnerability coordination. | |
| dc.format.pagerange | 537 | |
| dc.format.pagerange | 555 | |
| dc.identifier.eissn | 2406-1018 | |
| dc.identifier.jour-issn | 1820-0214 | |
| dc.identifier.olddbid | 181863 | |
| dc.identifier.oldhandle | 10024/164957 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/38923 | |
| dc.identifier.urn | URN:NBN:fi-fe2021042717245 | |
| dc.language.iso | en | |
| dc.okm.affiliatedauthor | Ruohonen, Jukka | |
| dc.okm.affiliatedauthor | Hyrynsalmi, Sami | |
| dc.okm.affiliatedauthor | Leppänen, Ville | |
| dc.okm.discipline | 113 Computer and information sciences | en_GB |
| dc.okm.discipline | 113 Tietojenkäsittely ja informaatiotieteet | fi_FI |
| dc.okm.internationalcopublication | not an international co-publication | |
| dc.okm.internationality | International publication | |
| dc.okm.type | A1 ScientificArticle | |
| dc.publisher | COMSIS CONSORTIUM | |
| dc.publisher.country | Serbia | en_GB |
| dc.publisher.country | Serbia | fi_FI |
| dc.publisher.country-code | RS | |
| dc.relation.doi | 10.2298/CSIS161010010R | |
| dc.relation.ispartofjournal | Computer Science and Information Systems | |
| dc.relation.issue | 2 | |
| dc.relation.volume | 14 | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/164957 | |
| dc.title | Modeling the Delivery of Security Advisories and CVEs | |
| dc.year.issued | 2017 |
Tiedostot
1 - 1 / 1
Ladataan...
- Name:
- 1820-02141700010R.pdf
- Size:
- 702.18 KB
- Format:
- Adobe Portable Document Format
- Description:
- Publisher's version