Differences

This shows you the differences between two versions of the page.

--- attackereconomics [2017/10/24 15:22] – [References] lallodi
+++ attackereconomics [2021/01/10 21:04] (current) – external edit 127.0.0.1
@@ Line 51: / Line 51: @@
 The paper "[[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|The Work-Averse Cyber Attacker Model: Theory and Evidence From Two Million Attack Signatures]]" formally defines this attacker model by employing Stokey's Logic of Inaction, whereby an economic actor will decide to //do nothing// until a certain condition is reached.
 ===== References =====
+  * Luca Allodi. Underground Economics for Vulnerability Risk. Usenix ;login: (2018), Vol 43, no. 1. [[https://www.usenix.org/publications/login/spring2018/allodi|Link to publisher]] {{ :papers:allodi_login_2017.pdf |Preprint}}
+  * Jukka Ruohonen, Luca Allodi. A bug bounty perspective on the disclosure of web vulnerabilities. Presented at WEIS 2018, Innsbruck, AT. To appear.
+  * Luca Allodi, Marco Cremonini, Fabio Massacci, Woohyun Shim. The effect of security education and expertise on security assessments: the case of software vulnerabilities. Presented at WEIS 2018, Innsbruck, AT. To appear.
   * Luca Allodi. Economic Factors of Vulnerability Trade and Exploitation: empirical evidence from a prominent Russian cybercrime market. To appear in ACM CCS 2017. [[https://arxiv.org/abs/1708.04866|arXiv]]
   * Luca Allodi, Fabio Massacci, Julian Williams. The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures. Published in WEIS 2017. [[https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2862299|SSRN]]