The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox-Reference-Cited by-同舟云学术

The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox

Published:2023-04-30 Issue: Volume: Page:
ISSN:
Container-title:Proceedings of the ACM Web Conference 2023
language:
Short-container-title:

Author:

Atefi Soodeh¹^ORCID,Sivagnanam Amutheezan²^ORCID,Ayman Afiya²^ORCID,Grossklags Jens³^ORCID,Laszka Aron²^ORCID

Affiliation:

1. University of Houston, USA

2. Pennsylvania State University, USA

3. Technical University of Munich, Germany

Funder

National Science Foundation

Publisher

ACM

Link

https://dl.acm.org/doi/pdf/10.1145/3543507.3583352

Reference37 articles.

1. Omer Akgul , Taha Eghtesad , Amit Elazari , Omprakash Gnawali , Jens Grossklags , Michelle Mazurek , Daniel Votipka , and Aron Laszka . 2023 . Bug hunters’ perspectives on the challenges and benefits of the bug bounty ecosystem . In 32nd USENIX Security Symposium (USENIX Security). https://doi.org/10 .48550/arXiv.2301.04781 10.48550/arXiv.2301.04781 Omer Akgul, Taha Eghtesad, Amit Elazari, Omprakash Gnawali, Jens Grossklags, Michelle Mazurek, Daniel Votipka, and Aron Laszka. 2023. Bug hunters’ perspectives on the challenges and benefits of the bug bounty ecosystem. In 32nd USENIX Security Symposium (USENIX Security). https://doi.org/10.48550/arXiv.2301.04781

2. Nikolaos Alexopoulos , Andrew Meneely , Dorian Arnouts , and Max Mühlhäuser . 2021 . Who are vulnerability reporters? A large-scale empirical study on FLOSS . In 15th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). Article 25 , 12 pages. https://doi.org/10.1145/3475716.3475783 10.1145/3475716.3475783 Nikolaos Alexopoulos, Andrew Meneely, Dorian Arnouts, and Max Mühlhäuser. 2021. Who are vulnerability reporters? A large-scale empirical study on FLOSS. In 15th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM). Article 25, 12 pages. https://doi.org/10.1145/3475716.3475783

3. Noura Alomar , Primal Wijesekera , Edward Qiu , and Serge Egelman . 2020 . “ You’ve got your nice list of bugs, now what?” Vulnerability discovery and management processes in the wild . In 16th USENIX Conference on Usable Privacy and Security (SOUPS). 319–339 . https://www.usenix.org/conference/soups2020/presentation/alomar Noura Alomar, Primal Wijesekera, Edward Qiu, and Serge Egelman. 2020. “You’ve got your nice list of bugs, now what?” Vulnerability discovery and management processes in the wild. In 16th USENIX Conference on Usable Privacy and Security (SOUPS). 319–339. https://www.usenix.org/conference/soups2020/presentation/alomar

4. Soodeh Atefi , Amutheezan Sivagnanam , Afiya Ayman , Jens Grossklags , and Aron Laszka . 2023 . Dataset: The benefits of vulnerability discovery and bug bounty programs. (February 2023). https://doi.org/10.6084/m9.figshare.22056617 10.6084/m9.figshare.22056617 Soodeh Atefi, Amutheezan Sivagnanam, Afiya Ayman, Jens Grossklags, and Aron Laszka. 2023. Dataset: The benefits of vulnerability discovery and bug bounty programs. (February 2023). https://doi.org/10.6084/m9.figshare.22056617

5. Moving Targets

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Survey of Bug Bounty Programs in Strengthening Cybersecurity and Privacy in the Blockchain Industry;Blockchains;2024-07-08

2. Bug-Bounty, ¿el futuro del Pentesting?;Ciencia e Ingeniería Neogranadina;2024-06-30

3. The impact of regulatory mechanisms on vulnerability disclosure behavior during crowdsourcing cybersecurity testing;Mathematical Biosciences and Engineering;2023