Work place: Department of Mathematics and Statistics, University of South Florida, Florida, USA
E-mail: ctsokos@usf.edu
Website:
Research Interests: Computational Science and Engineering, Computational Engineering, Computational Mathematics, Mathematics of Computing, Mathematics
Biography
Chris P. Tsokos is a Distinguished University Professor of Mathematics and Statistics and Director of the Urban Scholars Outreach Program at the University of South Florida. He received his Ph.D. in Statistics and Probability from the University of Connecticut and was recognized with the Distinguished Alumni Award along with the recognition of the State of Connecticut General Assembly Award for outstanding public and philanthropic service to our country. Dr. Tsokos received his B.S. in Engineering Sciences/Mathematics and his M.A. in Mathematics from the University of Rhode Island. Professor Tsokos has also served on the faculties at Virginia Polytechnic Institute and State University and the University of Rhode Island. He is a renowned scholar is Statistics who has authored and coauthored over 350 articles, many text books and other publications
By Pubudu K. Hitigala Kaluarachchilage Champike Attanayake Sasith Rajasooriya Chris P. Tsokos
DOI: https://doi.org/10.5815/ijcnis.2020.02.01, Pub. Date: 8 Apr. 2020
Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occur. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study we assess five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux for their discovered vulnerabilities and the risk associated in each. Each discovered and reported vulnerability has an Exploitability score assigned in CVSS [27] of the national vulnerability data base. We compare the risk from vulnerabilities in each of the five Operating Systems. The Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability [11, 21, 22]. Statistical methodology and underlying mathematical approach is described. The analysis includes all the reported vulnerabilities in the National Vulnerability Database [19] up to October 30, 2018. Initially, parametric procedures are conducted and measured. There are however violations of some assumptions observed. Therefore, authors recognized the need for non-parametric approaches. 6838 vulnerabilities recorded were considered in the analysis.
According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk level for some operating systems. This indicates that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant Test results revealing a statistically significant difference in the Risk levels of different OSs are presented.
Subscribe to receive issue release notifications and newsletters from MECS Press journals