Abstract
Development platforms have an important role in software's development and production. Prior work has shown that a system's attack surface measurement serves as a reliable proxy for security of similar software systems. A key challenge in attack surface measurement method is the estimation of the damage potential ratio. In our approach, it is applied Common Vulnerability Scoring System (CVSS) as a reliable metrics than the prior work. We show that, the attack surface of .NET platform is less than J2EE. Since only part of development environment is applied, so measuring the actual attack surface is depended on usage.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
