Sciweavers

HICSS
2009
IEEE

Empirical Estimates and Observations of 0Day Vulnerabilities

14 years 6 months ago
Empirical Estimates and Observations of 0Day Vulnerabilities
We define a 0Day vulnerability to be any vulnerability, in deployed software, that has been discovered by at least one person but has not yet been publicly announced or patched. These 0Day vulnerabilities are of particular interest when assessing the risk to a system from exploit of vulnerabilities which are not generally known to the public or, most importantly, to the owners of the system. Using the 0Day definition given above, we analyzed the 0Day lifespans of 491 vulnerabilities and conservatively estimated that in the worst year there were on average 2500 0Day vulnerabilities in existence on any given day. Then using a small but intriguing set of 15 0Day vulnerability lifespans representing the time from actual discovery to public disclosure, we made a more aggressive estimate. In this case, we estimated that in the worst year there were, on average, 4500 0Day vulnerabilities in existence on any given day.
Miles A. McQueen, Trevor A. McQueen, Wayne F. Boye
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where HICSS
Authors Miles A. McQueen, Trevor A. McQueen, Wayne F. Boyer, May R. Chaffin
Comments (0)