Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date

Showing 1 - 10 of 123 results for the Vulnerability Analysis

Presentation | March 2017 - Presentation Using Malware Analysis to Identify Overlooked Security ... By Nancy R. Mead, Jose A. Morales

This presentation describes initial research conducted by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws

Poster | October 2017 - Poster Rapid Expansion of Classification Models to Prioritize Static ... By Lori Flynn

Poster on research to create a method to automatically classify and prioritize alterts

Technical Report | May 2016 - Technical Report Using Honeynets and the Diamond Model for ICS Threat ... By John Kotheimer, Kyle O'Meara, Deana Shick

This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.

White Paper | April 1997 - White Paper An Analysis of Security Incidents on the Internet By John Howard, George Weaver

In this dissertation, John D. Howard reviews an analysis of security incidents on the Internet from between 1989 and 1995.

Presentation | January 2000 - Presentation The Survivable Network Analysis Method: Assessing ...

This presentation introduces the survivable network analysis method, developed by the Software Engineering Institute's (SEI) CERT/Coordination Center.

Presentation | January 2006 - Presentation Vulnerability Discovery: Bridging the Gap Between Analysis ...

This 2006 CERT presentation provides an overview of the vulnerability discovery field and discusses how it can be used to improve the practice of security engineering.

Presentation | August 2015 - Presentation Systemic Vulnerabilities: An Allegorical Tale of ... By Allen D. Householder

In this talk, we will trace the origin and evolution of a physical-world vulnerability that dates to the late 19th century, and explore whether

Special Report | July 2017 - Special Report Systemic Vulnerabilities in Customer-Premises Equipment ... By Joel Land

This report describes a test framework that the CERT/CC developed to identify systemic and other vulnerabilities in CPE routers.

Presentation | March 2017 - Presentation Building Secure Software for Mission Critical Systems By Mark Sherman

This presentation explores the expanding landscape of vulnerabilities that accompanies the increasing reliance on software and then examines some key steps to help mitigate the increased risk.

Technical Note | January 2005 - Technical Note A Structured Approach to Classifying Security Vulnerabilities By Robert C. Seacord, Allen D. Householder

In this 2005 report, the authors propose a classification scheme that uses attribute-value pairs to provide a multidimensional view of vulnerabilities.