SwePub
Sök i SwePub databas

  Utökad sökning

Träfflista för sökning "onr:"swepub:oai:DiVA.org:fhs-5011" "

Sökning: onr:"swepub:oai:DiVA.org:fhs-5011"

  • Resultat 1-1 av 1
Sortera/gruppera träfflistan
   
NumreringReferensOmslagsbildHitta
1.
  • Sigholm, Johan, et al. (författare)
  • Determining the Utility of Cyber Vulnerability Implantation : The Heartbleed Bug as a Cyber Operation
  • 2014
  • Ingår i: Military Communications Conference (MILCOM), 2014 IEEE. - : IEEE conference proceedings. ; , s. 110-116
  • Konferensbidrag (refereegranskat)abstract
    • Flaws in computer software or hardware that are as yet unknown to the public, known as zero-day vulnerabilities, are an increasingly sought-after resource by actors conducting cyber operations. While the objective pursued is commonly defensive, as in protecting own systems and networks, cyber operations may also involve exploiting identified vulnerabilities for intelligence collection or to produce military effects. The weapon zing and stockpiling of such vulnerabilities by various actors, or even the intentional implantation into cyberspace infrastructure, is a trend that currently resembles an arms race. An open question is how to measure the utility that access to these exploitable vulnerabilities provides for military purposes, and how to contrast and compare this to the possible adverse societal consequences that withholding disclosure of them may result in, such as loss of privacy or impeded freedom of the press. This paper presents a case study focusing on the Heart bleed bug, used as a tool in an offensive cyber operation. We introduce a model to estimate the adoption rate of an implanted flaw in Open SSL, derived by fitting collected real-world data. Our calculations show that reaching a global adoption of at least 50 % would take approximately three years from the time of release, given that the vulnerability remains undiscovered, while surpassing 75 % adoption would take an estimated four years. The paper concludes that while exploiting zero-day vulnerabilities may indeed be of significant military utility, such operations take time. They may also incur non-negligible risks of collateral damage and other societal costs.
  •  
Skapa referenser, mejla, bekava och länka
  • Resultat 1-1 av 1
Typ av publikation
konferensbidrag (1)
Typ av innehåll
refereegranskat (1)
Författare/redaktör
Sigholm, Johan (1)
Larsson, Emil (1)
Lärosäte
Försvarshögskolan (1)
Språk
Engelska (1)
Forskningsämne (UKÄ/SCB)
Teknik (1)
År

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

 
pil uppåt Stäng

Kopiera och spara länken för att återkomma till aktuell vy