Issue No.02 - March-April (2004 vol.2)
Kanta Jiwnani , University of Maryland
Marvin Zelkowitz , University of Maryland
Testing for security is lengthy, complex, and costly, so focusing test efforts in areas that have the greatest number of security vulnerabilities is essential. This article describes a taxonomy-based approach that gives an insight into the distribution of vulnerabilities in a system.
Kanta Jiwnani, Marvin Zelkowitz, "Susceptibility Matrix: A New Aid to Software Auditing", IEEE Security & Privacy, vol.2, no. 2, pp. 16-21, March-April 2004, doi:10.1109/MSECP.2004.1281240