Differences

This shows you the differences between two versions of the page.

--- attackereconomics [2017/10/24 15:11] – [References] lallodi
+++ attackereconomics [2021/01/10 21:04] (current) – external edit 127.0.0.1
@@ Line 51: / Line 51: @@
 The paper "[[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|The Work-Averse Cyber Attacker Model: Theory and Evidence From Two Million Attack Signatures]]" formally defines this attacker model by employing Stokey's Logic of Inaction, whereby an economic actor will decide to //do nothing// until a certain condition is reached.
 ===== References =====
-  * Luca Allodi, Marco Corradin, Fabio Massacci. Then and Now: On The Maturity of the Cybercrime Markets. The lesson black-hat marketeers learned. IEEE Transactions on Emerging Topics in Computing, 4(1):35–46, Jan 2016. Impact factor: 4.12 (2016 Scopus CiteScore). [[http://www.win.tue.nl/~lallodi/allodi-tetcs-15.pdf|PDF]]
+  * Luca Allodi. Underground Economics for Vulnerability Risk. Usenix ;login: (2018), Vol 43, no. 1. [[https://www.usenix.org/publications/login/spring2018/allodi|Link to publisher]] {{ :papers:allodi_login_2017.pdf |Preprint}}
-  * Luca Allodi. Economic Factors of Vulnerability Trade and Exploitation: empirical evidence from a prominent Russian cybercrime market. To appear in ACM CCS 2017. [[https://arxiv.org/abs/1708.04866|PDF]]
+  * Jukka Ruohonen, Luca Allodi. A bug bounty perspective on the disclosure of web vulnerabilities. Presented at WEIS 2018, Innsbruck, AT. To appear.
+  * Luca Allodi, Marco Cremonini, Fabio Massacci, Woohyun Shim. The effect of security education and expertise on security assessments: the case of software vulnerabilities. Presented at WEIS 2018, Innsbruck, AT. To appear.
+  * Luca Allodi. Economic Factors of Vulnerability Trade and Exploitation: empirical evidence from a prominent Russian cybercrime market. To appear in ACM CCS 2017. [[https://arxiv.org/abs/1708.04866|arXiv]]
+  * Luca Allodi, Fabio Massacci, Julian Williams. The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures. Published in WEIS 2017. [[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|SSRN]]
   * Luca Allodi, Fabio Massacci. Attack potential in Impact and Complexity. To appear in ARES 2017. [[https://dl.acm.org/citation.cfm?id=3098965|ACM library]]
-  * Luca Allodi, Fabio Massacci, Julian Williams. The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures. Published in WEIS 2017. [[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|SSRN]]
+  * Luca Allodi, Marco Corradin, Fabio Massacci. Then and Now: On The Maturity of the Cybercrime Markets. The lesson black-hat marketeers learned. IEEE Transactions on Emerging Topics in Computing, 4(1):35–46, Jan 2016. [[http://www.win.tue.nl/~lallodi/allodi-tetcs-15.pdf|PDF]]
-  * Luca Allodi. The Heavy Tails of Vulnerability Exploitation In the Proceedings of ESSoS 2015. To be published by Springer by March 2015. [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|PDF]]
+  * Luca Allodi. The Heavy Tails of Vulnerability Exploitation In the Proceedings of ESSoS 2015. [[http://www.win.tue.nl/~lallodi/allodi-essos-15.pdf|PDF]]
   * Luca Allodi. Attacker economics for Internet-scale vulnerability risk assessment (Extended Abstract) Research proposal, in Proceedings of Usenix LEET 2013. [[http://www.win.tue.nl/~lallodi/leet-13.pdf|PDF]]
   * Luca Allodi, Vadim Kotov, Fabio Massacci. MalwareLab: Experimentation with Cybercrime Attack Tools. In Proceedings of Usenix CSET 2013. [[http://www.win.tue.nl/~lallodi/cset-13.pdf|PDF]]
   * Luca Allodi, Woohyun Shim, Fabio Massacci. Quantitative assessment of risk reduction with cybercrime black market monitoring. Proceedings of IEEE S&P 2013 International Workshop on Cyber Crime. [[http://www.win.tue.nl/~lallodi/allodi-13-iwcc.pdf|PDF]]
   * Woohyun Shim, Luca Allodi, Fabio Massacci. Crime Pays If You Are Just an Average Hacker. Proceedings of IEEE/ASE 2012 Cyber Security Conference. [[http://www.win.tue.nl/~lallodi/shim-12-cybersecurity.pdf|PDF]]