TY - GEN
T1 - Quantitative assessment of risk reduction with cybercrime black market monitoring
AU - Allodi, L.
AU - Shim, W.
AU - Massacci, F.
PY - 2013
Y1 - 2013
N2 - Cybercrime is notoriously maintained and empowered by the underground economy,manifested in black markets. In such markets, attack tools and vulnerability exploitsare constantly traded. In this paper, we focus on making a quantitative assessment of the riskof attacks coming from such markets, and investigating the expected reduction in overall attacks against final users if, for example, vulnerabilities traded in the black marketswere all to be promptly patched. In order to conduct the analysis, we mainly use the data on (a) vulnerabilities bundled in 90+ attack tools traded in the black markets collected by us;(b) actual records of 9x10^7 attacks collected fromSymantec's Data Sharing Programme WINE.Our results illustrate that black market vulnerabilities are an important source of risk for thepopulation of users; we further show that vulnerability mitigation strategies based on black marketsmonitoring may outperform traditional strategies based on vulnerability CVSS scores byproviding up to 20% more expected reduction in attacks. © 2013 IEEE.
AB - Cybercrime is notoriously maintained and empowered by the underground economy,manifested in black markets. In such markets, attack tools and vulnerability exploitsare constantly traded. In this paper, we focus on making a quantitative assessment of the riskof attacks coming from such markets, and investigating the expected reduction in overall attacks against final users if, for example, vulnerabilities traded in the black marketswere all to be promptly patched. In order to conduct the analysis, we mainly use the data on (a) vulnerabilities bundled in 90+ attack tools traded in the black markets collected by us;(b) actual records of 9x10^7 attacks collected fromSymantec's Data Sharing Programme WINE.Our results illustrate that black market vulnerabilities are an important source of risk for thepopulation of users; we further show that vulnerability mitigation strategies based on black marketsmonitoring may outperform traditional strategies based on vulnerability CVSS scores byproviding up to 20% more expected reduction in attacks. © 2013 IEEE.
UR - https://www.scopus.com/pages/publications/84882775407
UR - https://www.scopus.com/pages/publications/84882775407#tab=citedBy
U2 - 10.1109/SPW.2013.16
DO - 10.1109/SPW.2013.16
M3 - Conference contribution
SN - 9780769550176
T3 - Proceedings - IEEE CS Security and Privacy Workshops, SPW 2013
SP - 165
EP - 172
BT - Proceedings - IEEE CS Security and Privacy Workshops, SPW 2013
T2 - 2nd IEEE Security and Privacy Workshops, SPW 2013
Y2 - 23 May 2013 through 24 May 2013
ER -