Title :
Quantitative Assessment of Risk Reduction with Cybercrime Black Market Monitoring
Author :
Allodi, Luca ; Woohyun Shim ; Massacci, F.
Author_Institution :
DISI, Univ. of Trento, Trento, Italy
Abstract :
Cybercrime is notoriously maintained and empowered by the underground economy, manifested in black markets. In such markets, attack tools and vulnerability exploits are constantly traded. In this paper, we focus on making a quantitative assessment of the risk of attacks coming from such markets, and investigating the expected reduction in overall attacks against final users if, for example, vulnerabilities traded in the black markets were all to be promptly patched. In order to conduct the analysis, we mainly use the data on (a) vulnerabilities bundled in 90+ attack tools traded in the black markets collected by us; (b) actual records of 9 × 107 attacks collected from Symantec´s Data Sharing Programme WINE. Our results illustrate that black market vulnerabilities are an important source of risk for the population of users; we further show that vulnerability mitigation strategies based on black markets monitoring may outperform traditional strategies based on vulnerability CVSS scores by providing up to 20% more expected reduction in attacks.
Keywords :
computer crime; risk management; stock markets; Symantec data sharing programme; WINE programme; attack tools; black market vulnerabilities; cybercrime black market monitoring; quantitative risk reduction assessment; underground economy; user population; vulnerability CVSS scores; vulnerability exploits; vulnerability mitigation strategies; Browsers; Computer crime; Market research; Monitoring; Servers; Software; black markets; cybercime; exploits; vulnerabilities;
Conference_Titel :
Security and Privacy Workshops (SPW), 2013 IEEE
Conference_Location :
San Francisco, CA
Print_ISBN :
978-1-4799-0458-7
DOI :
10.1109/SPW.2013.16
