• DocumentCode
    1416335
  • Title

    Windows of vulnerability: a case study analysis

  • Author

    Arbaugh, William A. ; Fithen, William L. ; McHugh, John

  • Author_Institution
    Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA
  • Volume
    33
  • Issue
    12
  • fYear
    2000
  • fDate
    12/1/2000 12:00:00 AM
  • Firstpage
    52
  • Lastpage
    59
  • Abstract
    The authors propose a life cycle model for system vulnerabilities, then apply it to three case studies to reveal how systems often remain vulnerable long after security fixes are available. For each case, we provide background information about the vulnerability, such as how attackers exploited it and which systems were affected. We then tie the case to the life-cycle model by identifying the dates for each state within the model. Finally, we use a histogram of reported intrusions to show the life of the vulnerability, and we conclude with an analysis specific to the particular vulnerability.
  • Keywords
    fault tolerant computing; security of data; attackers; case studies; case study analysis; histogram; life cycle model; reported intrusions; security fixes; system vulnerabilities; Acceleration; Automation; Communication system security; Computer aided software engineering; Computer errors; Computer security; Information analysis; Information security; Information technology; Organisms;
  • fLanguage
    English
  • Journal_Title
    Computer
  • Publisher
    ieee
  • ISSN
    0018-9162
  • Type

    jour

  • DOI
    10.1109/2.889093
  • Filename
    889093