Issue No. 02 - March-April (2004 vol. 2)
Kanta Jiwnani , University of Maryland
Marvin Zelkowitz , University of Maryland
Testing for security is lengthy, complex, and costly, so focusing test efforts in areas that have the greatest number of security vulnerabilities is essential. This article describes a taxonomy-based approach that gives an insight into the distribution of vulnerabilities in a system.
M. Zelkowitz and K. Jiwnani, "Susceptibility Matrix: A New Aid to Software Auditing," in IEEE Security & Privacy, vol. 2, no. , pp. 16-21, 2004.