The Zero-day attack: Deployment and evolution

  • Xavier Riofrío, Universidad de Cuenca
  • Fabian Astudillo-Salinas, Universidad de Cuenca
  • Luis Tello-Oquendo, Universidad Nacional de Chimborazo
  • Jorge Merchan-Lima, Universidad de Cuenca
Keywords: Zero-day, impact, attack, vulnerability, deployment

Abstract

In cybersecurity and computer science, the term “zero-day” is commonly related to troubles, threats, and hazards due to the lack of knowledge, experience, or misunderstanding. A zero-day attack is generally considered a new vulnerability with no defense; thus, the possible attack will have a high-risk probability and a critical impact. Unfortunately, only a few surveys on the topic are available that would help understand these threats, which are not enough to construct new solutions to detect, prevent, and mitigate them. This paper presents a review of the zero-day attack, how to understand its real impact, and a few of the solutions accessible nowadays. This study introduces a useful reference that provides researchers with knowledge to understand the current problem concerning zero-day attacks; hence they could develop solutions for facing them.

Author Biography

Luis Tello-Oquendo, Universidad Nacional de Chimborazo
Luis Tello-Oquendo received the B.E. degree (1st class honors) in electronic and computer engineering from Escuela Superior Politécnica de Chimborazo (ESPOCH), Ecuador, in 2010; the M.Sc. degree (1st class honors) in telecommunication technologies, systems, and networks from Universitat Politécnica de Valencia (UPV), Spain, in 2013; and the Ph.D. degree (Cum Laude) in telecommunications engineering from UPV, Spain, in 2018. In 2011, he was a Lecturer with the Facultad de Ingeniería Electrónica, ESPOCH. From 2016 to 2017, he was a Visiting Research Scholar with the Broadband Wireless Networking Laboratory, Georgia Institute of Technology, Atlanta, GA, USA. From 2014 to 2018, he was a Graduate Research Assistant with the Broadband Internetworking Research Group, ITACA Institute, UPV. His research interests include mobile and wireless communication networks, random access protocols, machine-type communications, wireless software-defined networks, LTE-A and beyond cellular systems, Internet of Things, and machine learning. He is a member of the IEEE and ACM. He was the recipient of the Best Academic Record Award from Escuela Técnica Superior de Ingenieros de Telecomunicación, UPV, in 2013, and the IEEE ComSoc Award for attending the IEEE ComSoc Summer School, The University of New Mexico, Albuquerque, NM, USA, in 2017.

Published
2021-01-01
How to Cite
X. Riofrío, F. Astudillo-Salinas, L. Tello-Oquendo, and J. Merchan-Lima, “The Zero-day attack: Deployment and evolution”, LAJC, vol. 8, no. 1, pp. 38-53, Jan. 2021.
Section
Research Articles for the Regular Issue
