Familiarity breeds contempt: the honeymoon effect and the role of legacy code in zero-day vulnerabilities

@inproceedings{Clark2010FamiliarityBC,
  title={Familiarity breeds contempt: the honeymoon effect and the role of legacy code in zero-day vulnerabilities},
  author={S. Clark and S. Frei and Matt Blaze and J. Smith},
  booktitle={ACSAC '10},
  year={2010}
}
  • S. Clark, S. Frei, +1 author J. Smith
  • Published in ACSAC '10 2010
  • Computer Science
  • Work on security vulnerabilities in software has primarily focused on three points in the software life-cycle: (1) finding and removing software defects, (2) patching or hardening software after vulnerabilities have been discovered, and (3) measuring the rate of vulnerability exploitation. This paper examines an earlier period in the software vulnerability life-cycle, starting from the release date of a version through to the disclosure of the fourth vulnerability, with a particular focus on… CONTINUE READING
    51 Citations
    Moving Targets: Security and Rapid-Release in Firefox
    • 15
    • PDF
    Large Scale Characterization of Software Vulnerability Life Cycles
    • 3
    • PDF
    A large scale exploratory analysis of software vulnerability life cycles
    • 136
    • PDF
    Vulnerability Scrying Method for Software Vulnerability Discovery Prediction Without a Vulnerability Database
    • 44
    The Tip of the Iceberg