19 January 2012

Prof Fabio Massacci

Location: Meeting Room 1, Ground Floor, JLB
Time: 3pm - 4:45pm
Speaker(s): Prof Fabio Massacci

We often find papers suggesting this or that Vulnerability Discovery Model (VDM), from thermodynamics to logistics, deriving more or less stretched economics conclusions. In this work I will report an empirical study on the popular browsers Firefox, Google Chrome and Internet Explorer covering several years and several versions. I will describe our discovery and concepts such as the notion of after-life vulnerability (around a third of vulnerabilities are discovered after the version goes out of support) and the validation of the old Milk-or-Wine study. We have analyzed the impact of vulnerability data sets based on different definitions of vulnerability on the VDMs' performance. The result shows that some VDMs simply do not fit the data (no matter how computed), while for others there is both positive and negative evidence. The only (positive) conclusion of this study is that using "confirmed" vulnerabilities yields more stable results.

BIO: Fabio Massacci received an M.Eng. in 1993 and a Ph.D. in Computer Science and Engineering at the University of Rome La Sapienza in 1998. He visited Cambridge University in 1996-97 and was a visiting researcher at IRIT Toulouse in 2000. He joined the University of Siena as Assistant Professor in 1999, and in 2001 he went to Trento where he is now full professor. His research interests are in security requirements engineering and verification and load-time security for mobile and embedded systems (Security-by-Contract). His current h-index is X (Google Scholar) and Y

Contact: mailto:h.c.sharp@open.ac.uk