期刊名称:Journal of Mobile, Embedded and Distributed Systems
印刷版ISSN:2067-4074
出版年度:2013
卷号:5
期号:3
页码:108-117
语种:English
出版社:Journal of Mobile, Embedded and Distributed Systems
摘要:The zero-day vulnerability is a security lack of the computer system that is unknown to software vendor. This kind of vulnerability permits building attack strategies for gaining the access to the resources and data of a computer system. The main issue of the topic is how a computer system can be protected by zero-day vulnerabilities using the actual security procedures and tools for identifying the potential attacks that exploit the vulnerabilities unknown to computer users and software providers. The paper highlights the main features of such kind of vulnerabilities, some exploitation methods and examples of them for Java zero-day vulnerabilities and how protection strategies can be built on intelligence extracted from attack anatomy analysis.