The Resource Zero Days, Thousands of Nights : the Life and Times of Zero-Day Vulnerabilities and Their Exploits, Lillian Ablon, Andy Bogart

Zero Days, Thousands of Nights : the Life and Times of Zero-Day Vulnerabilities and Their Exploits, Lillian Ablon, Andy Bogart

Label
Zero Days, Thousands of Nights : the Life and Times of Zero-Day Vulnerabilities and Their Exploits
Title
Zero Days, Thousands of Nights : the Life and Times of Zero-Day Vulnerabilities and Their Exploits
Statement of responsibility
Lillian Ablon, Andy Bogart
Title variation
Life and Times of Zero-Day Vulnerabilities and Their Exploits
Creator
Contributor
Author
Issuing body
Subject
Language
eng
Summary
Zero-day vulnerabilities--software vulnerabilities for which no patch or fix has been publicly released-- and their exploits are useful in cyber operations--whether by criminals, militaries, or governments--as well as in defensive and academic settings. This report provides findings from real-world zero-day vulnerability and exploit data that could augment conventional proxy examples and expert opinion, complement current efforts to create a framework for deciding whether to disclose or retain a cache of zero-day vulnerabilities and exploits, inform ongoing policy debates regarding stockpiling and vulnerability disclosure, and add extra context for those examining the implications and resulting liability of attacks and data breaches for U.S. consumers, companies, insurers, and for the civil justice system broadly. The authors provide insights about the zero-day vulnerability research and exploit development industry; give information on what proportion of zero-day vulnerabilities are alive (undisclosed), dead (known), or somewhere in between; and establish some baseline metrics regarding the average lifespan of zero-day vulnerabilities, the likelihood of another party discovering a vulnerability within a given time period, and the time and costs involved in developing an exploit for a zero-day vulnerability"--Publisher's description
Member of
Cataloging source
DOS
Dewey number
005.84
Illustrations
illustrations
Index
no index present
LC call number
QA76.76.C68
LC item number
A25 2017eb online
Literary form
non fiction
Nature of contents
  • dictionaries
  • bibliography
Series statement
Research report
Series volume
RR-1751-RC
Label
Zero Days, Thousands of Nights : the Life and Times of Zero-Day Vulnerabilities and Their Exploits, Lillian Ablon, Andy Bogart
Publication
Copyright
Note
"March 15, 2017"--Table of contents page
Bibliography note
Includes bibliographical references (pages 109-114)
http://library.link/vocab/branchCode
  • net
Carrier category
online resource
Carrier category code
cr
Carrier MARC source
rdacarrier
Content category
text
Content type code
txt
Content type MARC source
rdacontent
Contents
  • There Are Many Considerations That Stakeholders Want Addressed
  • Research Questions and the Purpose of This Research
  • Intended Audience for This Research
  • Breaking Down the Zero-Day Space
  • Data for This Research
  • Methodology of Research and Data Collection
  • Organization of This Report
  • 2.
  • More Discussion of Zero-Day Vulnerabilities:
  • Nature of Zero-Day Vulnerabilities
  • Preface
  • Exploit Development Basics and Considerations
  • Exploit Development Cycle
  • People in the Zero-Day Vulnerability Space
  • Business Models
  • 3.
  • Analysis of the Data:
  • 1.
  • Life Status: Is the Vulnerability Really a Zero-Day? Is It Alive (Publicly Unknown) or Dead (Known to Others)?
  • 2.
  • Longevity: How Long Will the Vulnerability Remain Undiscovered and Undisclosed to the Public?
  • Figures and Tables
  • 3.
  • Collision Rate: What Is the Likelihood That Others Will Discover and Disclose the Vulnerability?
  • 4.
  • Cost: What Is the Cost to Develop an Exploit for the Vulnerability?
  • 4.
  • Conclusions and Implications
  • APPENDIXES
  • References
  • Summary
  • Acknowledgments
  • 1.
  • Introduction:
  • Little Is Known About the Extent, Use, Benefit, or Harm of Zero-Day Exploits
  • Should the U.S. Government Disclose Zero-Day Vulnerabilities?
Control code
ocn976431100
Extent
1 online resource (xvii, 114 pages)
Form of item
online
Isbn
9780833097781
Media category
computer
Media MARC source
rdamedia
Media type code
c
Other physical details
color illustrations
http://library.link/vocab/recordID
.b36815846
Specific material designation
remote
System control number
  • (OCoLC)976431100
  • pebc083309761X

Library Locations

    • Deakin University Library - Geelong Waurn Ponds CampusBorrow it
      75 Pigdons Road, Waurn Ponds, Victoria, 3216, AU
      -38.195656 144.304955
Processing Feedback ...