Familiarity Breeds Contempt: The Honeymoon Effect and The Role of Legacy Code in Zero-Day Vulnerabilities


.

Familiarity Breeds Contempt: The Honeymoon Effect and The Role of Legacy Code in Zero-Day Vulnerabilities

Authors
Sandy Clark, Stefan Frei, Matt Blaze, Jonathan Smith


Summary
Our analysis of software vulnerability data, including up to a decade of data for several versions of the most popular operating systems, server applications and user applications (both open and closed source), shows that properties extrinsic to the software play a much greater role in the rate of vulnerability discovery than do intrinsic properties such as software quality. This leads to the observation that (at least in the first phase of a product's existence), software vulnerabilities have different properties than software defects.


Published
December 6, 2010, ACSAC 2010


Downloads

  1. Familiarity_Breeds_Contempt_(2010).pdf

Exteral Links

  1. Computer Security Applications Conference 2010

About

HOME | TOOLS | BUG BOUNTY | TOP 10 | PUBLICATIONS IP Address: 54.156.82.247
Date Time: 2017-11-20 23:07:57
Recent Papers
Recent Press Coverage
© 2000-2017 Stefan Frei
techzoom.net