Reaction to New Security Threat Class
Yuval Elovici, Lior Rokach

TL;DR
This paper analyzes how quickly the scientific and professional communities respond to new security threat classes by examining patents, publications, and products, revealing a typical delay of one to two years before effective countermeasures emerge.
Contribution
It provides a long-term analysis of community reactions to new threat classes, highlighting delays in patenting and product development for cybersecurity threats.
Findings
Patents typically appear one year after threat identification.
Industry products lag patents by over two years.
A 2-3 year window exists before effective products are available.
Abstract
Each new identified security threat class triggers new research and development efforts by the scientific and professional communities. In this study, we investigate the rate at which the scientific and professional communities react to new identified threat classes as it is reflected in the number of patents, scientific articles and professional publications over a long period of time. The following threat classes were studied: Phishing; SQL Injection; BotNet; Distributed Denial of Service; and Advanced Persistent Threat. Our findings suggest that in most cases it takes a year for the scientific community and more than two years for industry to react to a new threat class with patents. Since new products follow patents, it is reasonable to expect that there will be a window of approximately two to three years in which no effective product is available to cope with the new threat class.
Taxonomy
Topics: Spam and Phishing Detection · Advanced Malware Detection Techniques · Network Security and Intrusion Detection
