Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
Timing the Application of Security Patches for Optimal Uptime
LISA '02 Proceedings of the 16th USENIX conference on System administration
Proceedings of the 2003 ACM workshop on Rapid malcode
Access for sale: a new class of worm
Proceedings of the 2003 ACM workshop on Rapid malcode
Resilient infrastructure for network security
Complexity - Special issue: Resilient and adaptive defense of computing networks
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Provable Cryptographic Security and its Applications to Mobile Wireless Computing
Wireless Personal Communications: An International Journal
Defending a P2P Digital Preservation System
IEEE Transactions on Dependable and Secure Computing
Detecting past and present intrusions through vulnerability-specific predicates
Proceedings of the twentieth ACM symposium on Operating systems principles
Countering Network Worms Through Automatic Patch Generation
IEEE Security and Privacy
Analyzing persistent state interactions to improve state management
SIGMETRICS '06/Performance '06 Proceedings of the joint international conference on Measurement and modeling of computer systems
Information Systems Frontiers
Reducing downtime due to system maintenance and upgrades
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
OPUS: online patches and updates for security
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Cryptographic strength of ssl/tls servers: current and recent practices
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Flight data recorder: monitoring persistent-state interactions to improve systems management
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
Secure isolation of untrusted legacy applications
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
International Journal of Wireless and Mobile Computing
Reboots are for hardware: challenges and solutions to updating an operating system on the fly
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Secure or insure?: a game-theoretic analysis of information security games
Proceedings of the 17th international conference on World Wide Web
Security and insurance management in networks with heterogeneous agents
Proceedings of the 9th ACM conference on Electronic commerce
High-Speed Matching of Vulnerability Signatures
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
ASSURE: automatic software self-healing using rescue points
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Efficient online validation with delta execution
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
When private keys are public: results from the 2008 Debian OpenSSL vulnerability
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Dynamic updates for web and cloud applications
APLWACA '10 Proceedings of the 2010 Workshop on Analysis and Programming Languages for Web Applications and Cloud Applications
Beyond heuristics: learning to classify vulnerabilities and predict exploits
Proceedings of the 16th ACM SIGKDD international conference on Knowledge discovery and data mining
Automated atomicity-violation fixing
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
Axis: automatically fixing atomicity violations through solving control constraints
Proceedings of the 34th International Conference on Software Engineering
Back to the future: fault-tolerant live update with time-traveling state transfer
LISA'13 Proceedings of the 27th international conference on Large Installation System Administration
Hi-index | 0.00 |
We report on an observational study of user response following the OpenSSL remote buffer overflows of July 2002 and the worm that exploited it in September 2002. Immediately after the publication of the bug and its subsequent fix we identified a set of vulnerable servers. In the weeks that followed we regularly probed each server to determine whether its administrator had applied one of the relevant fixes. We report two primary results. First, we find that administrators are generally very slow to apply the fixes. Two weeks after the bug announcement, more than two thirds of the servers were still vulnerable. Second, we identify several weak predictors of user response and find that the pattern differs in the period following the release of the bug and that following the release of the worm.