@inproceedings{92883434d4c14a9784dfaccfc1f6d832,
title = "The dark side of vulnerability exploitation: A proposal for a research analysis",
abstract = "Software security research has put much effort in evaluating security as a function of the expected number of vulnerabilities and their criticality. As hackers become more sophisticated and economicallydriven, I argue that exploitation activities are a much more interesting index of risk than the number of vulnerabilities: The economics of the black market can shed light on attacking processes and trends, and can be very useful in better assessing security and re-thinking patching behavior and patches priority.",
author = "L. Allodi and F. Massacci",
year = "2012",
language = "English",
series = "CEUR Workshop Proceedings",
pages = "71--76",
booktitle = "ESSoS-DS 2012 - Proceedings of the Doctoral Symposium of the International Symposium on Engineering Secure Software and Systems 2012",
note = "1st Doctoral Symposium on Engineering Secure Software and Systems 2012, ESSoS-DS 2012 ; Conference date: 15-02-2012 Through 15-02-2012",
}