%0 Journal Article %J Security Privacy, IEEE %D 2004 %T Susceptibility matrix: a new aid to software auditing %A Jiwnani,K. %A Zelkowitz, Marvin V %K approach; %K auditing; %K data; %K matrix; %K of %K program %K Security %K software %K susceptibility %K taxonomy-based %K testing; %K vulnerabilities; %X Testing for security is lengthy, complex, and costly, so focusing test efforts in areas that have the greatest number of security vulnerabilities is essential. This article describes a taxonomy-based approach that gives an insight into the distribution of vulnerabilities in a system. %B Security Privacy, IEEE %V 2 %P 16 - 21 %8 2004/04//mar %@ 1540-7993 %G eng %N 2 %R 10.1109/MSECP.2004.1281240