{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T16:13:03Z","timestamp":1774541583333,"version":"3.50.1"},"publisher-location":"Cham","reference-count":61,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319140384","type":"print"},{"value":"9783319140391","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-14039-1_13","type":"book-chapter","created":{"date-parts":[[2015,4,9]],"date-time":"2015-04-09T10:58:09Z","timestamp":1428577089000},"page":"265-285","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Understanding the Vulnerability Lifecycle for Risk Assessment and Defense Against Sophisticated Cyber Attacks"],"prefix":"10.1007","author":[{"given":"Tudor","family":"Dumitra\u015f","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,4,10]]},"reference":[{"key":"13_CR1","unstructured":"Adobe Systems Incorporated: Security bulletins and advisories.http:\/\/www.adobe.com\/support\/security\/ (2012)"},{"key":"13_CR2","unstructured":"Allodi, L.: Attacker economics for internet-scale vulnerability risk assessment. In: Proceedings of Usenix LEET Workshop (2013)"},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Allodi, L., Massacci, F.: A preliminary analysis of vulnerability scores for attacks in wild. In: CCS BADGERS Workshop. 
Raleigh, NC (2012)","DOI":"10.1145\/2382416.2382427"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Anderson, R., Moore, T.: The economics of information security. In: Science, vol.\u00a0314, no.\u00a05799 (2006)","DOI":"10.1126\/science.1130992"},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Arbaugh, W.A., Fithen, W.L., McHugh, J.: Windows of vulnerability: A case study analysis. IEEE Computer33(12) (2000)","DOI":"10.1109\/2.889093"},{"key":"13_CR6","unstructured":"Arora, A., Krishnan, R., Nandkumar, A., Telang, R., Yang, Y.: Impact of vulnerability disclosure and patch availability - an empirical analysis. In: Workshop on the Economics of Information Security (WEIS 2004) (2004)"},{"key":"13_CR7","unstructured":"Beattie, S., Arnold, S., Cowan, C., Wagle, P., Wright, C.: Timing the application of security patches for optimal uptime. In: Large Installation System Administration Conference, pp.\u00a0233\u2013242. Philadelphia, PA (2002). URLhttp:\/\/www.usenix.org\/events\/lisa02\/tech\/beattie.html"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"Bilge, L., Dumitra\u015f, T.: Before we knew it: an empirical study of zero-day attacks in the real world. In: ACM Conference on Computer and Communications Security, pp.\u00a0833\u2013844 (2012)","DOI":"10.1145\/2382196.2382284"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Bollinger, J.: Economies of disclosure. In: SIGCAS Comput. Soc. (2004)","DOI":"10.1145\/1111635.1111636"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Bozorgi, M., Saul, L.K., Savage, S., Voelker, G.M.: Beyond heuristics: learning to classify vulnerabilities and predict exploits. In: KDD. Washington, DC (2010)","DOI":"10.1145\/1835804.1835821"},{"key":"13_CR11","unstructured":"Cavusoglu, H.C.H., Raghunathan, S.: Emerging issues in responsible vulnerability disclosure. 
In: Workshop on Information Technology and Systems (2004)"},{"key":"13_CR12","doi-asserted-by":"crossref","unstructured":"Clark, S., Frei, S., Blaze, M., Smith, J.: Familiarity breeds contempt: The honeymoon effect and the role of legacy code in zero-day vulnerabilities. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC \u201910, pp.\u00a0251\u2013260. ACM, New York, NY, USA (2010).. URLhttp:\/\/doi.acm.org\/10.1145\/1920261.1920299","DOI":"10.1145\/1920261.1920299"},{"key":"13_CR13","unstructured":"CrySyS Lab: sKyWIper (a.k.a. Flame a.k.a. Flamer): A complex malware for targeted attacks. Tech. rep., Budapest University of Technology and Economics (2012). URLhttp:\/\/www.crysys.hu\/skywiper\/skywiper.pdf"},{"key":"13_CR14","unstructured":"CVE: A dictionary of publicly known information security vulnerabilities and exposures.http:\/\/cve.mitre.org\/ (2012)"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Dumitra\u015f, T., Shou, D.: Toward a standard benchmark for computer security research: The Worldwide Intelligence Network Environment (WINE). In: EuroSys BADGERS Workshop. Salzburg, Austria (2011)","DOI":"10.1145\/1978672.1978683"},{"key":"13_CR16","unstructured":"Falliere, N., O\u2019Murchu, L., Chien, E.: W32.Stuxnet dossier. Symantec Whitepaper (2011). URLhttp:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_stuxnet_dossier.pdf"},{"key":"13_CR17","unstructured":"Finifter, M., Akhawe, D., Wagner, D.: An empirical study of vulnerability rewards programs. In: Proceedings of the ACM Conference on Computer and Communications Security. Washington, DC (2013)"},{"key":"13_CR18","unstructured":"FireEye: The Dual Use Exploit: CVE-2013-3906 Used in Both Targeted Attacks and Crimeware Campaigns.http:\/\/bit.ly\/R3XQQ4 (2013)"},{"key":"13_CR19","unstructured":"Frei, S.: Security econometrics: The dynamics of (in)security. Ph.D. 
thesis, ETH Z\u00fcrich (2009)"},{"key":"13_CR20","unstructured":"Frei, S.: End-Point Security Failures, Insight gained from Secunia PSI scans. Predict Workshop (2011)"},{"key":"13_CR21","unstructured":"Google Inc: Pwnium: rewards for exploits (2012).http:\/\/blog.chromium.org\/2012\/02\/pwnium-rewards-for-exploits.html"},{"key":"13_CR22","unstructured":"Greenberg, A.: Shopping for zero-days: A price list for hackers\u2019 secret software exploits. Forbes (2012).http:\/\/www.forbes.com\/sites\/andygreenberg\/2012\/03\/23\/shopping-for-zero-days-an-price-list-for-hackers-secret-software-exploits\/"},{"key":"13_CR23","unstructured":"Krebs, B.: Crimeware author funds exploit buying spree.http:\/\/bit.ly\/1mYwlUY (2013)"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"Kumar, A., Paxson, V., Weaver, N.: Exploiting underlying structure for detailed reconstruction of an internet-scale event. In: Internet Measurement Conference, pp.\u00a0351\u2013364 (2005)","DOI":"10.1145\/1330107.1330150"},{"key":"13_CR25","unstructured":"Lelli, A.: The Trojan.Hydraq incident: Analysis of the Aurora 0-day exploit.http:\/\/www.symantec.com\/connect\/blogs\/trojanhydraq-incident-analysis-aurora-0-day-exploit (2010)"},{"key":"13_CR26","unstructured":"McQueen, M.A., McQueen, T.A., Boyer, W.F., Chaffin, M.R.: Empirical estimates and observations of 0day vulnerabilities. In: Hawaii International Conference on System Sciences (2009)"},{"key":"13_CR27","unstructured":"Microsoft: Microsoft security bulletins.http:\/\/technet.microsoft.com\/en-us\/security\/bulletin (2012)"},{"key":"13_CR28","unstructured":"Microsoft Corp.: A history of Windows.http:\/\/bit.ly\/RKDHIm"},{"key":"13_CR29","unstructured":"Miller, C.: The legitimate vulnerability market: Inside the secretive world of 0-day exploit sales. In: Workshop on the Economics of Information Security. 
Pittsburgh, PA (2007)"},{"key":"13_CR30","unstructured":"National Institute of Standards and Technology: Engineering statistics handbook.http:\/\/www.itl.nist.gov\/div898\/handbook\/index.htm"},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"Nayak, K., Marino, D., Efstathopoulos, P., Dumitra\u015f, T.: Some vulnerabilities are different than others: Studying vulnerabilities and attack surfaces in the wild. In: Proceedings of the 17th International Symposium on Research in Attacks, Intrusions and Defenses. Gothenburg, Sweden (2014)","DOI":"10.1007\/978-3-319-11379-1_21"},{"key":"13_CR32","unstructured":"National Vulnerability Database.http:\/\/nvd.nist.gov\/"},{"key":"13_CR33","unstructured":"O\u2019Gorman, G., McDonald, G.: The Elderwood project. Symantec Whitepaper (2012)"},{"key":"13_CR34","unstructured":"OSVDB: The open source vulnerability database.http:\/\/www.osvdb.org\/ (2012)"},{"key":"13_CR35","unstructured":"Ozment, A., Schechter, S.E.: Milk or wine: does software security improve with age? In: 15th conference on USENIX Security Symposium (2006)"},{"key":"13_CR36","unstructured":"Papalexakis, E.E., Dumitras, T., Chau, D.H.P., Prakash, B.A., Faloutsos, C.: Spatio-temporal mining of software adoption & penetration. In: IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). Niagara Falls, CA (2103)"},{"key":"13_CR37","unstructured":"Porras, P., Saidi, H., Yegneswaran, V.: An analysis of conficker\u2019s logic and rendezvous points.http:\/\/mtc.sri.com\/Conficker\/ (2009)"},{"key":"13_CR38","unstructured":"Qualys, Inc.: The laws of vulnerabilities 2.0.http:\/\/www.qualys.com\/docs\/Laws_2.0.pdf (2009)"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Quinn, S., Scarfone, K., Barrett, M., Johnson, C.: Guide to adopting and using the security content automation protocol (SCAP) version 1.0. 
NIST Special Publication 800-117 (2010)","DOI":"10.6028\/NIST.SP.800-117"},{"key":"13_CR40","unstructured":"Ransbotham, S.: An empirical analysis of exploitation attempts based on vulnerabilities in open source software (2010)"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Rescorla, E.: Is finding security holes a good idea? In: IEEE Security and Privacy (2005)","DOI":"10.1109\/MSP.2005.17"},{"key":"13_CR42","unstructured":"Rivner, U.: Anatomy of an attack (2011).http:\/\/blogs.rsa.com\/rivner\/anatomy-of-an-attack\/ Retrieved on 19 April 2012"},{"key":"13_CR43","unstructured":"SANS Institute: Top cyber security risks - zero-day vulnerability trends.http:\/\/www.sans.org\/top-cyber-security-risks\/zero-day.php (2009)"},{"key":"13_CR44","unstructured":"Schneier, B.: Cryptogram september 2000 - full disclosure and the window of exposure.http:\/\/www.schneier.com\/crypto-gram-0009.html (2000)"},{"key":"13_CR45","doi-asserted-by":"crossref","unstructured":"Schneier, B.: Locks and full disclosure. In: IEEE Security and Privacy (2003)","DOI":"10.1109\/MSECP.2003.1193220"},{"key":"13_CR46","doi-asserted-by":"crossref","unstructured":"Schneier, B.: The nonsecurity of secrecy. In: Commun. ACM (2004)","DOI":"10.1145\/1022594.1022629"},{"key":"13_CR47","doi-asserted-by":"crossref","unstructured":"Shahzad, M., Shafiq, M.Z., Liu, A.X.: A large scale exploratory analysis of software vulnerability life cycles. In: Proceedings of the 2012 International Conference on Software Engineering (2012)","DOI":"10.1109\/ICSE.2012.6227141"},{"key":"13_CR48","doi-asserted-by":"crossref","unstructured":"Shin, Y., Meneely, A., Williams, L., Osborne, J.A.: Evaluating complexity, code churn, and developer activity metrics as indicators of software vulnerabilities. IEEE Trans. Software Eng.37(6), 772\u2013787 (2011)","DOI":"10.1109\/TSE.2010.81"},{"key":"13_CR49","unstructured":"Staniford, S., Paxson, V., Weaver, N.: How to 0wn the Internet in your spare time. 
In: USENIX Security Symposium, pp.\u00a0149\u2013167 (2002)"},{"key":"13_CR50","unstructured":"Symantec Attack Signatures.http:\/\/www.symantec.com\/security_response\/attacksignatures\/"},{"key":"13_CR51","unstructured":"Symantec Corporation: Symantec global Internet security threat report, volume 13.http:\/\/eval.symantec.com\/mktginfo\/enterprise\/white_papers\/b-whitepaper_internet_security_threat_report_xiii_04-2008.en-us.pdf (2008)"},{"key":"13_CR52","unstructured":"Symantec Corporation: Symantec global Internet security threat report, volume 14.http:\/\/eval.symantec.com\/mktginfo\/enterprise\/white_papers\/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf (2009)"},{"key":"13_CR53","unstructured":"Symantec Corporation: Symantec global Internet security threat report, volume 15.http:\/\/msisac.cisecurity.org\/resources\/reports\/documents\/SymantecInternetSecurityThreatReport2010.pdf (2010)"},{"key":"13_CR54","unstructured":"Symantec Corporation: Symantec Internet security threat report, volume 16 (2011)"},{"key":"13_CR55","unstructured":"Symantec Corporation: W32.Duqu: The precursor to the next Stuxnet. Symantec Whitepaper (2011). 
URLhttp:\/\/www.symantec.com\/content\/en\/us\/enterprise\/media\/security_response\/whitepapers\/w32_duqu_the_precursor_to_the_next_stuxnet_research.pdf"},{"key":"13_CR56","unstructured":"Symantec Corporation: Symantec Internet security threat report, volume 17.http:\/\/www.symantec.com\/threatreport\/ (2012)"},{"key":"13_CR57","unstructured":"Symantec Corporation: Symantec threat explorer.http:\/\/www.symantec.com\/security_response\/threatexplorer\/azlisting.jsp (2012)"},{"key":"13_CR58","unstructured":"Symantec.cloud: February 2011 intelligence report.http:\/\/www.messagelabs.com\/mlireport\/MLI_2011_02_February_FINAL-en.PDF (2011)"},{"key":"13_CR59","unstructured":"TechRepublic: Five super-secret features in Windows 7.http:\/\/tek.io\/g3rBrB"},{"key":"13_CR60","unstructured":"Wikipedia: Source lines of code.http:\/\/bit.ly\/5LkKx"},{"key":"13_CR61","doi-asserted-by":"crossref","unstructured":"Zimmermann, T., Nagappan, N., Williams, L.A.: Searching for a needle in a haystack: Predicting security vulnerabilities for windows vista. 
In: ICST, pp.\u00a0421\u2013428 (2010)","DOI":"10.1109\/ICST.2010.32"}],"container-title":["Advances in Information Security","Cyber Warfare"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-14039-1_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T11:26:42Z","timestamp":1674559602000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-14039-1_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319140384","9783319140391"],"references-count":61,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-14039-1_13","relation":{},"ISSN":["1568-2633"],"issn-type":[{"value":"1568-2633","type":"print"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"10 April 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}