Zeszyt 49/2018

Kolegium Analiz Ekonomicznych oświadcza, że wersją pierwotną czasopisma jest wersja papierowa.

Romuald Hoffmann

Stochastyczne modele cyklu życia podatności oprogramowania


Stochastic Models of Software Vulnerability Life Cycle

Software Vulnerability Life Cycle (SVLC) illustrates changes in the detection process of software vulnerability during the system exploitation. In the detection process generally two groups of actors can be distinguished: the potential exploiters and the patch developers. In this paper, there was proposed an expansion of SVLC by adding events of an anti-virus signature release and a new exploit execution to the existing general definition of vulnerability life cycle. The presented approach in this article models the extended software vulnerability life cycle as a stochastic process: a continuous time Markov chain. Consequently, there were proposed two stochastic models of the expanded vulnerability life cycle. The models can be used for evaluating the risk of vulnerability exploitation and information system security.

Artykuł: PDF

spis treści zeszytu 49

Copyright © Kolegium Analiz Ekonomicznych Szkoły Głównej Handlowej w Warszawie 2011-2022   ISSN 1232-4671
sie wyburaczylo