Title :
Eliciting Information on the Vulnerability Black Market from Interviews
Author :
Radianti, Jaziar
Author_Institution :
Dept. of ICT, Univ. of Agder, Grimstad, Norway
Abstract :
Threats to computing prompted by software vulnerabilities are abundant and costly for those affected. Adding to this problem is the emerging vulnerability black markets (VBMs), since they become places to trade malware and exploits. VBMs are discussed based on information derived from interviews with security researchers. The effort is enriched by further examination of documents surrounding the disclosure of four selected vulnerabilities cases. The result suggests that the VBMs is bifurcated into two distinct parts; the skilled-hacker and the script-kiddie VBMs with a possible link between them, where the latter become places to sell malware or exploit kits after the zero day vulnerability have circulated through several hands and might have decreasing value.
Keywords :
invasive software; software reliability; exploit kits; malware; script kiddie VBM; skilled hacker; software vulnerabilities; vulnerability black market; Computer hacking; Electronic mail; Interviews; Law; Malware; Black Market; Interview; Software Vulnerability;
Conference_Titel :
Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7517-9
Electronic_ISBN :
978-0-7695-4095-5
DOI :
10.1109/SECURWARE.2010.33
