Abstract
Prediction of vulnerability discovery rates can be used to assess security risks and to determine the resources needed to develop patches quickly to handle vulnerabilities discovered. An examination of the vulnerability data suggests a seasonal behavior that has not been modeled by the recently proposed vulnerability discovery models. This seasonality has not been identified or examined so far. This study examines whether vulnerability discovery rates for Windows NT, IIS Server and the Internet Explorer exhibit a significant annual seasonal pattern. Actual data has been analyzed using seasonal index and auto correlation function approaches to identify seasonality and to evaluate its statistical significance. The results for the three software systems show that there is indeed a significant annual seasonal pattern.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
