Toward a Theory of Vulnerability Disclosure Policy: A Hacker’s Game

dc.creatorCanaan, Taylor J.
dc.date.accessioned2020-12-08T16:24:46Z
dc.date.available2020-12-08T16:24:46Z
dc.date.issued2020-08-06
dc.descriptionBy first understanding the behavioral consequences of policy changes in cyberspace, we are better able to defend and understand the increasingly connected world in which we live. One of the greatest drivers of human progress in the last couple of decades is the ability to access technology and the internet, but how we enforce cybersecurity is a pressing problem. Cybersecurity requires an interdisciplinary approach to solve the many problems in fields such as fintech, cyber crime, human rights violations, e-commerce, etc. How individual freedoms can be preserved while human progress can be advanced within cyberspace is the focus of the research within this initiative.en_US
dc.description.abstractA game between software vendors, heterogeneous software users, and a hacker is introduced in which software vendors attempt to protect software users by releasing updates, i.e. disclosing a vulnerability, and the hacker is attempting to exploit vulnerabilities in the software package to attack the software users. The software users must determine whether the protection offered by the update outweighs the cost of installing the update. Following the model is a description of why the disclosure of vulnerabilities can only be an optimal policy when the cost to the hacker of searching for a Zero-Day vulnerability is small. The model is also extended to discuss Microsoft’s new “extended support” disclosure policy.en_US
dc.description.departmentSalem Centeren_US
dc.identifier.urihttps://hdl.handle.net/2152/83848
dc.identifier.urihttp://dx.doi.org/10.26153/tsw/10843
dc.language.isoengen_US
dc.relation.ispartofSalem Centeren_US
dc.rights.restrictionOpenen_US
dc.subjectCybersecurity Policy Programen_US
dc.subjectPaperen_US
dc.titleToward a Theory of Vulnerability Disclosure Policy: A Hacker’s Gameen_US
dc.typeArticleen_US

Access full-text files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
AHackersGameGameSec.pdf
Size:
2.67 KB
Format:
Adobe Portable Document Format
Description:

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.64 KB
Format:
Item-specific license agreed upon to submission
Description:

Collections