Stochastic Models of Software Vulnerability Life Cycle
Additional contact information
Romuald Hoffmann: Wojskowa Akademia Techniczna w Warszawie, Wydział Cybernetyki
Collegium of Economic Analysis Annals, 2018, issue 49, 273-286
Software Vulnerability Life Cycle (SVLC) illustrates changes in the detection process of software vulnerability during the system exploitation. In the detection process generally two groups of actors can be distinguished: the potential exploiters and the patch developers. In this paper, there was proposed an expansion of SVLC by adding events of an anti-virus signature release and a new exploit execution to the existing general definition of vulnerability life cycle. The presented approach in this article models the extended software vulnerability life cycle as a stochastic process: a continuous time Markov chain. Consequently, there were proposed two stochastic models of the expanded vulnerability life cycle. The models can be used for evaluating the risk of vulnerability exploitation and information system security.
Keywords: software vulnerability life cycle; SVLC; expanded software vulnerability life cycle; stochastic model; homogeneous Markov process; Markov Chain; Continuous Time Markov Chain; CTMC; system dynamics (search for similar items in EconPapers)
References: View complete reference list from CitEc
Citations Track citations by RSS feed
Downloads: (external link)
http://rocznikikae.sgh.waw.pl/p/roczniki_kae_z49_20.pdf Full text (application/pdf)
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
Persistent link: https://EconPapers.repec.org/RePEc:sgh:annals:i:49:y:2018:p:273-286
Access Statistics for this article
Collegium of Economic Analysis Annals is currently edited by Joanna Plebaniak, Beata Czarnacka-Chrobot
More articles in Collegium of Economic Analysis Annals from Warsaw School of Economics, Collegium of Economic Analysis Contact information at EDIRC.
Bibliographic data for series maintained by Michał Bernardelli ().