【 摘 要 】

Software security research has put much effort in evaluating security as a function of the expected number of vulnerabilities and their criticality. As hackers become more sophisticated and economically- driven, I argue that exploitation activities are a much more interesting index of risk than the number of vulnerabilities: the economics of the black market can shed light on attacking processes and trends, and can be very useful in better assessing security and re-thinking patching behavior and patches priority.

【 预 览 】

附件列表

Files	Size	Format	View
The dark side of vulnerability exploitation: a proposal for a research analysis. ?	207KB	PDF	download