Empirical Estimates and Observations of 0Day Vulnerabilities
Description:
We define a 0Day vulnerability to be any vulnerability, in deployed software, that has been discovered by at least one person but has not yet been publicly announced or patched. These 0Day vulnerabilities are of particular interest when assessing the risk to a system from exploit of vulnerabilities which are not generally known to the public or, most importantly, to the owners of the system. Using the 0Day definition given above, we analyzed the 0Day lifespans of 491 vulnerabilities and conserv…
more
Date:
January 1, 2009
Creator:
McQueen, Miles A.; McQueen, Trevor A.; Boyer, Wayne F. & Chaffin, May R.
Partner:
UNT Libraries Government Documents Department