Our (in)Secure Web: Understanding Update Behavior of Websites and Its Impact on Security
- Software updates take an essential role in keeping IT environments secure. If service providers delay or do not install updates, it can cause unwanted security implications for their environments. This paper conducts a large-scale measurement study of the update behavior of websites and their utilized software stacks. Across 18 months, we analyze over 5.6M websites and 246 distinct client- and server-side software distributions. We found that almost all analyzed sites use outdated software. To understand the possible security implications of outdated software, we analyze the potential vulnerabilities that affect the utilized software. We show that software components are getting older and more vulnerable because they are not updated. We find that 95 % of the analyzed websites use at least one product for which a vulnerability existed.
Author: | Nurullah Demir, Tobias Urban, Kevin Wittek, Norberg Pohlmann |
---|---|
URL: | https://norbert-pohlmann.com/wp-content/uploads/2021/02/424-Our-inSecure-Web-Understanding-Update-Behavior-of-Websites-and-Its-Impact-on-Security-Prof.-Norbert-Pohlmann.pdf |
Parent Title (German): | Passive and Aktive Measurement : 22nd International Conference, PAM, Virtual Event, March 29 - April 2, 2021, Proceedings |
Document Type: | Article |
Language: | English |
Date of Publication (online): | 2024/01/16 |
Year of first Publication: | 2021 |
Publishing Institution: | Westfälische Hochschule Gelsenkirchen Bocholt Recklinghausen |
Release Date: | 2024/02/23 |
Pagenumber: | 17 |
Licence (German): | Es gilt das Urheberrechtsgesetz |