Measuring Software Security Using Improved CWE Base Scores

Date

2021-11

Citation of Original Publication

"Nourin, Sabrina Mamtaz, George Karabatis and Foteini Cheirdari Argiropoulos. Measuring Software Security Using Improved CWE Base Scores. Proceedings of the CIKM 2021 Workshops, Gold Coast, Queensland, Australia, November 1-5, 2021. http://ceur-ws.org/Vol-3052/paper16.pdf."

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Attribution 4.0 International (CC BY 4.0)

Abstract

Increasing the security of a software system by decreasing the number of its vulnerabilities is a major objective for any organization. It is therefore important to identify a measure that indicates the security level of the software system. This paper presents a scoring method to measure the security posture of a software system. This novel scoring method for Common Weakness Enumeration (CWE) entries considers semantic information in order to increase the accuracy of the score, and it provides a better view of the security posture of a software system using full automation.