Simple Search / Detailed Record

Graduate student: 石欣恩 (Shih, Shin En)
Thesis title: 應用加強型單一變動點模型於軟體弱點分佈之分析與評估
Analysis and Evaluation of Enhanced Single Change-Point Model for Software Vulnerability Distribution
Advisor: 黃慶育 (Huang, Chin Yu)
Committee members: 賴尚宏 (Lai, Shang-Hong)
張隆紋 (Chang, Long-Wen)
陳朝欽 (Chen, Chaur-Chin)
Degree: Master
Department: College of Electrical Engineering and Computer Science - Department of Computer Science
Year of publication: 2015
Academic year of graduation: 103
Language: English
Pages: 61
Chinese keywords: software security, software vulnerability distribution, software vulnerability prediction model
Foreign keywords: Software vulnerability, Vulnerability discovery model, Software security, Weibull distribution model, Alhazmi-Malaiya logistic model, change point
Usage statistics: Views: 2, Downloads: 0
    Software security is regarded as a highly important issue in today's software development process, and the metric for assessing software security is generally based primarily on the number of software vulnerabilities. Vulnerability discovery models play an important role in describing and predicting the number of future software vulnerabilities; an appropriate model can help project managers decide when to release software and reduce the risk that remains inside it. Previous research has shown that the Alhazmi-Malaiya Logistic model and the Weibull distribution model perform well in describing S-shaped and exponential-type vulnerability distributions, respectively. Since vulnerability data often exhibit rapid jumps within a short period, we combine these vulnerability models with the concept of a change point.
    This study proposes the Alhazmi-Malaiya Logistic model and the Weibull distribution model with a single change point for the typical form of software vulnerability distributions, together with a method for selecting the change point. Based on experimental analysis using Android 3.0 and Windows XP sp3 as datasets, the vulnerability models with a single change point outperform the original models without a change point in goodness-of-fit tests, and show better predictive capability than other vulnerability discovery models. This shows that the proposed Alhazmi-Malaiya Logistic model and Weibull distribution model with a single change point can predict the form of software vulnerability distributions well.


    Software security is a crucial issue in software implementation processes. There is general agreement in the literature that software vulnerability metrics are major measures within software product security assessments. A vulnerability discovery model (VDM) describes and predicts software vulnerability occurrence rates and tendencies. Proper VDMs can help to determine the estimated release date while mitigating the risk of delivering software products to market. Software reliability growth models (SRGMs) have been applied to software vulnerability discovery processes; however, as software security concerns have grown, an increasing number of dedicated VDMs have been proposed. Among the various models, the Alhazmi-Malaiya logistic model (AML), within the inflection S-shaped model family, and the Weibull distribution model (WB), within the exponential family, show high performance in vulnerability prediction. In this work, we provide an analysis of enhanced VDMs with a single change-point, based on WB and AML. We make the change-point selection adhere to the vulnerability-explosion characteristic of software security-related defects. Our research focuses on the performance of seven experimental models in fitting vulnerability data across a wide range of software types. The vulnerability data in this work are collected from the National Vulnerability Database (NVD). With these data, each model's capability to fit is demonstrated via diversified fitness tests and criteria, and comparisons are drawn on the results of the seven models. Models with a change-point perform relatively well because software vulnerability data curves share similar characteristics. For data curves with rapid jumps, the Weibull distribution model with single change-point (WBCP) and the Alhazmi-Malaiya logistic model with single change-point (AMLCP) are the better-fitting models. Our results have positive implications for analyzing vulnerability distribution.

    Abstract in Chinese i
    Abstract ii
    Contents v
    List of Tables vii
    List of Figures viii
    Acronyms and Abbreviations ix
    Notations x
    Chapter 1 Introduction 1
    Chapter 2 Related Works 4
    2.1 Vulnerability Discovery Models 5
    2.2 Weibull Model with Single Change Point 7
    Chapter 3 AML Model with Single Change Point 12
    3.1 Momentum of the AML Model with Single Change Point 16
    Chapter 4 Change-Point Selection 17
    Chapter 5 Experiment and Data Analysis 25
    5.1 Data Collection Procedure 25
    5.2 Parameter Estimation 28
    5.2.1 Least Squares Estimation for AMLCP 29
    5.2.2 Maximum Likelihood Estimation for AMLCP 30
    5.3 Evaluation Criteria 31
    5.4 Performance Comparison and Assessment 37
    5.4.1 Android 3.0 (Dataset 1) 39
    5.4.2 Windows XP sp3 (Dataset 2) 47
    5.5 Threats to Validity 54
    Chapter 6 Conclusions and Future Work 57
    References 59


    Full-text release date: full text not authorized for public release (on-campus network)
    Full-text release date: full text not authorized for public release (off-campus network)
