Fraud detection via regression analysis
Computers and Security
Adversary work factor as a metric for information assurance
Proceedings of the 2000 workshop on New security paradigms
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
Why Information Security is Hard-An Economic Perspective
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Software vulnerability analysis
Software vulnerability analysis
Computer security strength and risk: a quantitative approach
Computer security strength and risk: a quantitative approach
Timing the Application of Security Patches for Optimal Uptime
LISA '02 Proceedings of the 16th USENIX conference on System administration
Hi-index | 0.00 |
The 0-delay is a mathematical model to evaluate the average impact of attacks on a billing infrastructure, that is an infrastructure that supports the billing of a set of users for some service. The model describes the search for vulnerabilities as a competition between a set of attackers and one of defenders, that are interested, respectively, in attacking and patching the infrastructure. As implied by its name, the model assumes that both the attack and the patching occur as soon as the vulnerability is discovered. The model assumes that the impact increases with the size of the vulnerability window, the time in between the discovery of the vulnerability by an attacker and by a defender and it relates this size to the numbers of attackers and of defenders. After describing the model, we describe some applications and generalizations.