Title :
Vulnerability Black Markets: Empirical Evidence and Scenario Simulation
Author :
Radianti, Jaziar ; Rich, E. ; Gonzalez, Jose J.
Author_Institution :
Univ. of Agder, Grimstad
Abstract :
This paper discusses the manifest characteristics of online vulnerability black markets (VBM), insider actors, interactions and mechanisms, obtained from masked observation. Because VBM transactions are hidden from general view, we trace their precursors as secondary evidence of their development and activity. More general attributes of VBMs and the exploits they discuss are identified. Finally, we introduce a simulation model that captures how vulnerability discoveries may be placed in a dual legal-black market context. We perform simulations and find that if legal markets expose vulnerabilities that go unresolved, the security and quality of software may suffer more than in the absence of a legal market. Thus the problem scope expands beyond vulnerability trading to one that requires active participation and reaction by software vendors.
Keywords :
safety-critical software; security of data; software quality; empirical evidence; legal market; masked observation; online vulnerability black market; scenario simulation; software quality; software security; software vendor; Business; Computer hacking; Computer security; Context modeling; Information security; Internet; Law; Legal factors; Software performance; Software quality;
Conference_Titel :
System Sciences, 2009. HICSS '09. 42nd Hawaii International Conference on
Conference_Location :
Big Island, HI
Print_ISBN :
978-0-7695-3450-3
DOI :
10.1109/HICSS.2009.504
