This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Windows of Vulnerability: A Case Study Analysis
December 2000 (vol. 33 no. 12)
pp. 52-59

The authors propose a life-cycle model for system vulnerabilities, applying to three case studies to show how systems remain vulnerable long after security fixes are available. Complex information and communication systems give rise to design, implementation, and management errors, leading to a vulnerability in an information technology product that can allow security policy violations.

Using their vulnerability life-cycle model, the authors present a case study analysis of specific computer vulnerabilities. For each case, the authors provide background information about the vulnerability, such as how attackers exploited it and which systems were affected. They tie the case to the life-cycle model by identifying the dates for each state within the model. Finally, they use a histogram of reported intrusions to show the life of the vulnerability and conclude with an analysis specific to the particular vulnerability.

Citation:
William A. Arbaugh, William L. Fithen, John McHugh, "Windows of Vulnerability: A Case Study Analysis," Computer, vol. 33, no. 12, pp. 52-59, Dec. 2000, doi:10.1109/2.889093
Usage of this product signifies your acceptance of the Terms of Use.