http://dx.doi.org/10.33851/JMIS.2022.9.3.191

Modeling Vulnerability Discovery Process in Major Cryptocurrencies  

Joh, HyunChul (School of Smart Industry, Kyungil University)
Lee, JooYoung (School of K-Culture Entertainment, Kyungil University)
Publication Information
Journal of Multimedia Information System, vol. 9, no. 3, 2022, pp. 191-200
Abstract
These days, businesses, both online and offline, have started accepting cryptocurrencies as payment methods. In some countries, such as El Salvador, cryptocurrencies are even recognized as legal tender. Meanwhile, publicly known but unpatched software vulnerabilities are security threats not only to software users but also to society in general. As the status of cryptocurrencies has gradually risen, the impact of security vulnerabilities related to cryptocurrencies on our society has risen as well. In this paper, we first analyze vulnerabilities from the two major cryptocurrency vendors, Bitcoin and Ethereum, in a quantitative manner with respect to the CVSS, to see how the vulnerabilities are roughly structured in those systems. Then, after showing that the original AML model does not accurately represent the vulnerability discovery trends in the datasets, we introduce a modified AML vulnerability discovery model for the vulnerability datasets from the two vendors. The analysis shows that the modified model performs better than the original AML model for the vulnerability datasets from the major cryptocurrencies.
Keywords
Vulnerability Discovery Model; AML; Bitcoin; Ethereum
Citations
Times Cited By KSCI: 4