Analysis of Zero-Day Vulnerabilities in Java

摘要

The zero-day vulnerability is a security lack of the computer system that is unknown to software vendor. This kind of vulnerability permits building attack strategies for gaining the access to the resources and data of a computer system. The main issue of the topic is how a computer system can be protected by zero-day vulnerabilities using the actual security procedures and tools for identifying the potential attacks that exploit the vulnerabilities unknown to computer users and software providers. The paper highlights the main features of such kind of vulnerabilities, some exploitation methods and examples of them for Java zero-day vulnerabilities and how protection strategies can be built on intelligence extracted from attack anatomy analysis.