Hacking Is Not Random: A Case-Control Study of Webserver-Compromise Risk

Vasek, Marie; Wadleigh, John; Moore, Tyler

doi:10.1109/tdsc.2015.2427847

Cited by 22 publications

(20 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These findings confirm previous work at the level of domain names [51]. The authors have concluded that i) running popular CMS platforms (WordPress and Joomla) and ii) running up-to-date versions of WordPress increases the odds of a domain in getting compromised.…”

Section: Dead End: Direct Relation Between Security Indicators and Abusesupporting

confidence: 87%

“…Next, we mark a provider as a shared hosting provider if we observe at least one IP address that hosts more than 10 domains. We adopt the same threshold used in other studies [45,51]. Using an elbow plot of domain density per IP address, we confirmed a sharp increase in density beyond a threshold of 10 to 15 domains per IP address.…”

Section: Datasupporting

confidence: 65%

“…Content Management Systems (CMSes) have been amongst the most exploited software stacks for many years [39,46,51]. Depending on the administration rights in the shared hosting environment, CMSes can be updated either by the webmaster or the shared hosting provider herself.…”

Section: Software Patching Practicesmentioning

confidence: 99%

See 2 more Smart Citations

Herding Vulnerable Cats

Tajalizadehkhoob

Goethem

Korczyński

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. Shared hosting, offers a unique perspective since customers operate under restricted privileges and providers retain more control over configurations. We present the first empirical analysis of the distribution of web security features and software patching practices in shared hosting providers, the influence of providers on these security practices, and their impact on web compromise rates. We construct provider-level features on the global market for shared hosting-containing 1,259 providersby gathering indicators from 442,684 domains. Exploratory factor analysis of 15 indicators identifies four main latent factors that capture security efforts: content security, webmaster security, web infrastructure security and web application security. We confirm, via a fixed-effect regression model, that providers exert significant influence over the latter two factors, which are both related to the software stack in their hosting environment. Finally, by means of GLM regression analysis of these factors on phishing and malware abuse, we show that the four security and software patching factors explain between 10% and 19% of the variance in abuse at providers, after controlling for size. For web-application security for instance, we found that when a provider moves from the bottom 10% to the best-performing 10%, it would experience 4 times fewer phishing incidents. We show that providers have influence over patch levels-even higher in the stack, where CMSes can run as client-side software-and that this influence is tied to a substantial reduction in abuse levels. CCS CONCEPTS • Security and privacy → Vulnerability management; Systems security; Human and societal aspects of security and privacy; Economics of security and privacy; Web protocol security;

show abstract

Section: Dead End: Direct Relation Between Security Indicators and Abusesupporting

confidence: 87%

Section: Datasupporting

confidence: 65%

See 1 more Smart Citation

Herding Vulnerable Cats

Tajalizadehkhoob

Goethem

Korczyński

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…To perform this task, the process distinguishes two phases: feature learning, and monitoring. Finally, authors in [31] computed a web-server's risk factors when cybercriminals use Apache, Nginx, or Microsoft IIS, among others. They also included the effect of running the most popular WCMS platforms with up-to-date versions on those web-servers, finding that recent versions were more compromised than less-popular WCMS platforms or outdated versions.…”

Section: Related Workmentioning

confidence: 99%

A Comparative Study of Web Content Management Systems

et al. 2018

View full text Add to dashboard Cite

Web Content Management Systems (WCMS) play an increasingly important role in the Internet's evolution. They are software platforms that facilitate the implementation of a web site or an e-commerce and are gaining popularity due to its flexibility and ease of use. In this work, we explain from a tutorial perspective how to manage WCMS and what can be achieved by using them. With this aim, we select the most popular open-source WCMS; namely, Joomla!, WordPress, and Drupal. Then, we implement three websites that are equal in terms of requirements, visual aspect, and functionality, one for each WCMS. Through a qualitative comparative analysis, we show the advantages and drawbacks of each solution, and the complexity associated. On the other hand, security concerns can arise if WCMS are not appropriately used. Due to the key position that they occupy in today's Internet, we perform a basic security analysis of the three implement websites in the second part of this work. Specifically, we explain vulnerabilities, security enhancements, which errors should not be done, and which WCMS is initially safer.

show abstract

“…Chapter 6: Research design and method 56 _______________________________________________________________________________________________________________________________________________ publications by security researchers (e.g.,Walden, 2009Walden, , 2010Vasek et al 2016) and in industry reports of threats and breaches such as the Verizon 2016 Data BreachFor each of the ten vulnerabilities in the small sample, we manually examined the content of each CVE record, seeking insights to help specify variables and measures in step 7 and to inform the automated data collection of the full sample in step 8. There…”

mentioning

confidence: 99%

An investigation of software vulnerabilities in open source software projects using data from publicly-available online sources.

Murshed¹

View full text Add to dashboard Cite

Software vulnerabilities is an active area of research, but little is known about how publicly-observable properties of open source software projects and developer communities relate to the time taken to discover and fix vulnerabilities in the projects' software. This thesis examines that relationship using data harvested from online sources about a sample of 60 open source content management system (CMS) projects and 1268vulnerabilities affecting the software produced by those projects. Combining project release histories with metrics from two online databases provided reliable proxy dates for vulnerability introduction and fix, but not discovery. Higher commit density (a proxy for project activity) was associated with shorter time of exposure. The lifecycle model, data collection workflow, and software scripts will enable researchers to replicate and extend this analysis, and the evidence-based recommendations provided here will enable improvements to the coverage, quality, access, and integration of online sources for project and vulnerability metrics. ______________________________________________________________________ iiAn investigation of software vulnerabilities in open source software projects using data from publicly-available sources

show abstract

Hacking Is Not Random: A Case-Control Study of Webserver-Compromise Risk

Cited by 22 publications

References 17 publications

Herding Vulnerable Cats

Herding Vulnerable Cats

A Comparative Study of Web Content Management Systems

An investigation of software vulnerabilities in open source software projects using data from publicly-available online sources.

Contact Info

Product

Resources

About