Determinants of the Ease of Hacking
Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Software security is a problem. Software development mistakes end up as vulnerabilities that can be exploited. The easier a software exploit makes attacking a target, the less skilled people are able to do it. Various prioritisation systems exist to address software security issues. The author of this paper finds that they are either too complex and hard to access, or product specific. This thesis takes a whole new approach to the prioritisation by studying exploit completeness and the factors that relate to it. First an exploit completeness scale is constructed, then the author conducts a study to analyse vulnerability and exploit data with statistical methods. The results show that seven factors influence exploit completeness. Five factors are used to build a linear regression model for completeness prediction. The time needed to collect the data for the factors is measured.
Place, publisher, year, edition, pages
2012. , 85 p.
EES Examensarbete / Master Thesis, XR-EE-ICS 2012:007
Electrical Engineering, Electronic Engineering, Information Engineering
IdentifiersURN: urn:nbn:se:kth:diva-98489OAI: oai:DiVA.org:kth-98489DiVA: diva2:537382
Master of Science - Information and Communication Systems Security
Ekstedt Lövehagen, Mathias, Univ. lektor