Author Login Editor-in-Chief Peer Review Editor Work Office Work

Computer Engineering ›› 2010, Vol. 36 ›› Issue (1): 184-186,. doi: 10.3969/j.issn.1000-3428.2010.01.063

• Security Technology • Previous Articles     Next Articles

Research on Classification Attributes of Software Vulnerability

HUANG Ming1,2, ZENG Qing-kai1,2   

  1. (1. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093;
    2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093)
  • Received:1900-01-01 Revised:1900-01-01 Online:2010-01-05 Published:2010-01-05

软件脆弱性分类属性研究

黄 明1,2,曾庆凯1,2   

  1. (1. 南京大学计算机软件新技术国家重点实验室,南京 210093;2. 南京大学计算机科学与技术系,南京 210093)

Abstract: Aiming at the problems of selecting classification attributes in software vulnerability classification, this paper presents some concepts about software vulnerability, and discusses the basic principles of selecting the objects and the attributes. By comparing and summarizing five typical taxonomies, a new thought of classifying software vulnerabilities is presented. The problems in current researches are analyzed, and corresponding improvements and developing trends are given.

Key words: software vulnerability, classification attribute, taxonomy, security

摘要: 针对软件脆弱性分类中分类属性的选择问题,给出软件脆弱性的基本概念,讨论分类研究的目标及属性选取的基本原则。通过对5种典型分类属性的比较和总结,归纳分类属性的类别,提出一个新的分类思路。根据目前分类研究中存在的问题,给出相应的改进措施及未来的发展方向。

关键词: 软件脆弱性, 分类属性, 分类法, 安全

CLC Number: