DocumentCode
1416335
Title
Windows of vulnerability: a case study analysis
Author
Arbaugh, William A. ; Fithen, William L. ; McHugh, John
Author_Institution
Dept. of Comput. Sci., Maryland Univ., College Park, MD, USA
Volume
33
Issue
12
fYear
2000
fDate
12/1/2000 12:00:00 AM
Firstpage
52
Lastpage
59
Abstract
The authors propose a life cycle model for system vulnerabilities, then apply it to three case studies to reveal how systems often remain vulnerable long after security fixes are available. For each case, we provide background information about the vulnerability, such as how attackers exploited it and which systems were affected. We then tie the case to the life-cycle model by identifying the dates for each state within the model. Finally, we use a histogram of reported intrusions to show the life of the vulnerability, and we conclude with an analysis specific to the particular vulnerability.
Keywords
fault tolerant computing; security of data; attackers; case studies; case study analysis; histogram; life cycle model; reported intrusions; security fixes; system vulnerabilities; Acceleration; Automation; Communication system security; Computer aided software engineering; Computer errors; Computer security; Information analysis; Information security; Information technology; Organisms;
fLanguage
English
Journal_Title
Computer
Publisher
ieee
ISSN
0018-9162
Type
jour
DOI
10.1109/2.889093
Filename
889093
Link To Document