International Journal of Computer Science and Security (IJCSS)
Classification of software security vulnerability no doubt facilitates the understanding of security related information and accelerates vulnerability analysis. The lack of proper classification not only hinders its understanding but also renders the strategy of developing mitigation mechanism for clustered vulnerabilities. Now software developers and researchers are agreed on the fact that requirement and design phase of the software are the phases where security incorporation yields maximum benefits. In this paper the authors have attempted to design a classifier that can identify and classify design level vulnerabilities.