Understanding Hidden Information Security Threats: The Vulnerability Black Market

H
HICSS
2007
40th Annual Hawaii International Conference on System Sciences (HICSS'07)
Abstract - Understanding Hidden Information Security Threats: The Vulnerability Black Market

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jaziar Radianti Articles by Jose J. Gonzalez

40th Annual Hawaii International Conference on System Sciences (HICSS'07)

Understanding Hidden Information Security Threats: The Vulnerability Black Market (PDF)

Big Island, Hawaii

January 03-January 06

ISBN: 0-7695-2755-8

	ASCII Text	x
	Jaziar Radianti, Jose J. Gonzalez, "Understanding Hidden Information Security Threats: The Vulnerability Black Market," Hawaii International Conference on System Sciences, pp. 156c, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007.

	BibTex	x
	@article{ 10.1109/HICSS.2007.583, author = {Jaziar Radianti and Jose J. Gonzalez}, title = {Understanding Hidden Information Security Threats: The Vulnerability Black Market}, journal ={Hawaii International Conference on System Sciences}, volume = {0}, year = {2007}, issn = {1530-1605}, pages = {156c}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.583}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Hawaii International Conference on System Sciences TI - Understanding Hidden Information Security Threats: The Vulnerability Black Market SN - 1530-1605 SP EP A1 - Jaziar Radianti, A1 - Jose J. Gonzalez, PY - 2007 KW - Information Security KW - Software Vulnerability KW - System Dynamics KW - Vulnerability Black Market KW - Integrated Operations. VL - 0 JA - Hawaii International Conference on System Sciences ER -

Jaziar Radianti, Agder University College, Norway

Jose J. Gonzalez, Agder University College, Norway

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.583

It has been discovered recently that there is a "black market" for software vulnerabilities. Criminals and terrorists can launch exploits toward organizations before system administrators have had a chance to apply a corrective patch. To counteract this threat, software vendors and security companies have been establishing a legitimate market for software vulnerabilities; they offer rewards for software bugs reported. To explain the basic traits of this phenomenon, we develop a system dynamics model showing the growth of the vulnerability black market. A simple conceptual model is developed and some simulations using the model are implemented to learn whether the attempt to legalize the vulnerability market helps to reduce the vulnerability information circulating in the black market.

Index Terms:

Information Security, Software Vulnerability, System Dynamics, Vulnerability Black Market, Integrated Operations.

Citation:

Jaziar Radianti, Jose J. Gonzalez, "Understanding Hidden Information Security Threats: The Vulnerability Black Market," hicss, pp.156c, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.