Expert Assessment on the Probability of Successful Remote Code Execution Attacks

Hannes Holm; Teodor Sommestad; Ulrik Franke; Mathias Ekstedt

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Expert Assessment on the Probability of Successful Remote Code Execution Attacks

In Proceedings of the 8th International Workshop on Security in Information Systems - Volume 0ICEIS, 49-58, 2011 , Beijing, China

Authors: Hannes Holm ; Teodor Sommestad ; Ulrik Franke and Mathias Ekstedt

Affiliation: The Royal Institute of Technology, Sweden

Keyword(s): .

Abstract: This paper describes a study on how cyber security experts assess the importance of three variables related to the probability of successful remote code execution attacks – presence of: (i) non-executable memory, (ii) access and (iii) exploits for High or Medium vulnerabilities as defined by the Common Vulnerability Scoring System. The rest of the relevant variables were fixed by the environment of a cyber defense exercise where the respondents participated. The questionnaire was fully completed by fifteen experts. These experts perceived access as the most important variable and availability of exploits for High vulnerabilities as more important than Medium vulnerabilities. Non-executable memory was not seen as significant, however, presumably due to lack of address space layout randomization and canaries in the network architecture of the cyber defense exercise scenario.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.118.2.15

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Holm, H.; Sommestad, T.; Franke, U. and Ekstedt, M. (2011). Expert Assessment on the Probability of Successful Remote Code Execution Attacks. In Proceedings of the 8th International Workshop on Security in Information Systems (ICEIS 2011) - WOSIS; ISBN 978-989-8425-61-4, SciTePress, pages 49-58. DOI: 10.5220/0003578700490058

@conference{wosis11,
author={Hannes Holm. and Teodor Sommestad. and Ulrik Franke. and Mathias Ekstedt.},
title={Expert Assessment on the Probability of Successful Remote Code Execution Attacks},
booktitle={Proceedings of the 8th International Workshop on Security in Information Systems (ICEIS 2011) - WOSIS},
year={2011},
pages={49-58},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003578700490058},
isbn={978-989-8425-61-4},
}

TY - CONF

JO - Proceedings of the 8th International Workshop on Security in Information Systems (ICEIS 2011) - WOSIS
TI - Expert Assessment on the Probability of Successful Remote Code Execution Attacks
SN - 978-989-8425-61-4
AU - Holm, H.
AU - Sommestad, T.
AU - Franke, U.
AU - Ekstedt, M.
PY - 2011
SP - 49
EP - 58
DO - 10.5220/0003578700490058
PB - SciTePress