{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:53:01Z","timestamp":1750308781520,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,12,6]],"date-time":"2010-12-06T00:00:00Z","timestamp":1291593600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-07-1-907N00014-09-1-0770"],"award-info":[{"award-number":["N00014-07-1-907N00014-09-1-0770"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CCD-0810947CNS-0905434"],"award-info":[{"award-number":["CCD-0810947CNS-0905434"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCD-0810947CNS-0905434"],"award-info":[{"award-number":["CCD-0810947CNS-0905434"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,12,6]]},"DOI":"10.1145\/1920261.1920299","type":"proceedings-article","created":{"date-parts":[[2010,12,20]],"date-time":"2010-12-20T16:13:47Z","timestamp":1292861627000},"page":"251-260","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":33,"title":["Familiarity breeds contempt"],"prefix":"10.1145","author":[{"given":"Sandy","family":"Clark","sequence":"first","affiliation":[{"name":"University of Pennsylvania"}]},{"given":"Stefan","family":"Frei","sequence":"additional","affiliation":[{"name":"Secunia"}]},{"given":"Matt","family":"Blaze","sequence":"additional","affiliation":[{"name":"University of Pennsylvania"}]},{"given":"Jonathan","family":"Smith","sequence":"additional","affiliation":[{"name":"University of Pennsylvania"}]}],"member":"320","published-online":{"date-parts":[[2010,12,6]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2005.30"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.889093"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"e_1_3_2_1_4_1","unstructured":"BlackDuck. Koders.com. http:\/\/corp.koders.com\/about\/ April 2010.  BlackDuck. Koders.com. http:\/\/corp.koders.com\/about\/ April 2010."},{"volume-title":"20th Anniversary Edition. Addison-Wesley Professional","year":"1995","author":"Brooks Frederick P.","key":"e_1_3_2_1_5_1"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/502034.502042"},{"volume-title":"In Proceedings of the 18th Cambridge International Security Protocols Workshop - pending publication. Springer","year":"2010","author":"Clark Sandy","key":"e_1_3_2_1_7_1"},{"key":"e_1_3_2_1_8_1","first-page":"105","volume-title":"In Proceedings of the 15th USENIX Security Symposium","author":"Cox Benjamin","year":"2006"},{"key":"e_1_3_2_1_9_1","unstructured":"CVE. Common vulnerabilities and exposures 2008.  CVE. Common vulnerabilities and exposures 2008."},{"key":"e_1_3_2_1_10_1","unstructured":"Dr Dobbs Journal. Open Source Study Reveals High Level of Code Reuse. http:\/\/www.drdobbs.com\/open-source\/216401796 March 2009.  Dr Dobbs Journal. Open Source Study Reveals High Level of Code Reuse. http:\/\/www.drdobbs.com\/open-source\/216401796 March 2009."},{"volume-title":"ETH Zurich","year":"1819","author":"Frei Stefan","key":"e_1_3_2_1_11_1"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/TR.1979.5220566"},{"volume-title":"Microsoft Press","year":"2006","author":"Howard Michael","key":"e_1_3_2_1_13_1"},{"key":"e_1_3_2_1_14_1","unstructured":"IBM Internet Security Systems - X-Force. X-Force Advisory. http:\/\/www.iss.net.  IBM Internet Security Systems - X-Force. X-Force Advisory. http:\/\/www.iss.net."},{"key":"e_1_3_2_1_15_1","unstructured":"iDefense. Vulnerability Contributor Program. http:\/\/labs.idefense.com\/vcp.  iDefense. Vulnerability Contributor Program. http:\/\/labs.idefense.com\/vcp."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/13487689.13487690"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/32.588541"},{"volume-title":"NATO","year":"1968","author":"McIlroy M. C.","key":"e_1_3_2_1_18_1"},{"key":"e_1_3_2_1_19_1","unstructured":"Microsoft. Internet explorer architecture. http:\/\/msdn.microsoft.com\/en-us\/library\/aa741312(VS. 85).aspx 2010.  Microsoft. Internet explorer architecture. http:\/\/msdn.microsoft.com\/en-us\/library\/aa741312(VS. 85).aspx 2010."},{"key":"e_1_3_2_1_20_1","unstructured":"Microsoft Corporation. Microsoft security development lifecycle. http:\/\/www.microsoft.com\/security\/sdl\/benefits\/measurable.aspx September 2008.  Microsoft Corporation. Microsoft security development lifecycle. http:\/\/www.microsoft.com\/security\/sdl\/benefits\/measurable.aspx September 2008."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1975.6312856"},{"volume-title":"Application. McGraw-Hill","year":"1987","author":"Musa John D.","key":"e_1_3_2_1_22_1"},{"key":"e_1_3_2_1_23_1","unstructured":"NIST. National Vulnerability Database 2008.  NIST. National Vulnerability Database 2008."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314257.1314261"},{"volume-title":"USENIX-SS'06: Proceedings of the 15th conference on USENIX Security Symposium","year":"2006","author":"Ozment Andy","key":"e_1_3_2_1_25_1"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538-7305.1983.tb03467.x"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1982.235728"},{"volume-title":"Workshop on the Economics of Information Security (WEIS)","year":"2010","author":"Ransbotham Sam","key":"e_1_3_2_1_28_1"},{"key":"e_1_3_2_1_29_1","unstructured":"Secunia. http:\/\/www.secunia.com. Vulnerability Intelligence Provider.  Secunia. http:\/\/www.secunia.com. Vulnerability Intelligence Provider."},{"key":"e_1_3_2_1_30_1","unstructured":"Security Focus. Vulnerabilities Database 2008.  Security Focus. Vulnerabilities Database 2008."},{"key":"e_1_3_2_1_31_1","unstructured":"SecurityTracker. http:\/\/www.SecurityTracker.com. SecurityTracker.  SecurityTracker. http:\/\/www.SecurityTracker.com. SecurityTracker."},{"key":"e_1_3_2_1_32_1","unstructured":"TippingPoint. Zero day initiative (zdi). http:\/\/www.zerodayinitiative.com\/.  TippingPoint. Zero day initiative (zdi). http:\/\/www.zerodayinitiative.com\/."},{"key":"e_1_3_2_1_33_1","unstructured":"US-CERT. Vulnerability statistics. http:\/\/www.cert.org\/stats\/vulnerability\\_remediation.html.  US-CERT. Vulnerability statistics. http:\/\/www.cert.org\/stats\/vulnerability\\_remediation.html."},{"key":"e_1_3_2_1_34_1","unstructured":"Vupen. Vupen security. http:\/\/www.vupen.com.  Vupen. Vupen security. http:\/\/www.vupen.com."},{"key":"e_1_3_2_1_35_1","unstructured":"Chester Wisniewski. Windows 7 vulnerable to 8 out of 10 viruses 2009. http:\/\/www.sophos.com\/blogs\/chetw\/g\/2009\/11\/03\/windows-7-vulnerable-8-10-viruses\/.  Chester Wisniewski. Windows 7 vulnerable to 8 out of 10 viruses 2009. http:\/\/www.sophos.com\/blogs\/chetw\/g\/2009\/11\/03\/windows-7-vulnerable-8-10-viruses\/."}],"event":{"name":"ACSAC '10: 2010 Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"Austin Texas USA","acronym":"ACSAC '10"},"container-title":["Proceedings of the 26th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1920261.1920299","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1920261.1920299","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T20:22:43Z","timestamp":1750278163000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1920261.1920299"}},"subtitle":["the honeymoon effect and the role of legacy code in zero-day vulnerabilities"],"short-title":[],"issued":{"date-parts":[[2010,12,6]]},"references-count":35,"alternative-id":["10.1145\/1920261.1920299","10.1145\/1920261"],"URL":"https:\/\/doi.org\/10.1145\/1920261.1920299","relation":{},"subject":[],"published":{"date-parts":[[2010,12,6]]},"assertion":[{"value":"2010-12-06","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}