TY - JOUR
T1 - A Multivocal Study on Zero-Day Attacks Integrating Best Practices Into a Security Maturity Model
AU - Bakri, Eman
AU - Mahmood, Sajjad
AU - Alshayeb, Mohammad
AU - Niazi, Mahmood
N1 - Publisher Copyright:
© King Fahd University of Petroleum & Minerals 2025.
PY - 2025
Y1 - 2025
N2 - Security is an essential attribute of quality software. Detecting and mitigating different types of attacks are essential for producing high-quality software. Organizations spend large amounts of money purchasing intrusion detection systems, antivirus software, and antispyware software. However, these solutions are insufficient, and organizations continue to face security risks due to an ever-growing list of security vulnerabilities. One such security vulnerability is a zero-day attack. A zero-day attack refers to the threat of an unknown security vulnerability in software that either the application developers are unaware of or for which no security patch has been released. Zero-day attacks are complex to analyze due to the lack of data until such attacks are discovered. Despite the significance of zero-day attacks, relatively little empirical research has been conducted to gain a deeper understanding of these attacks. Currently, no model exists to assess the maturity of managing zero-day attacks in an organization. This study aims to develop a zero-day attack maturity model that enables organizations to assess their current capabilities in responding to zero-day attacks and identify areas for improvement, based on defined knowledge areas and maturity levels. A multivocal literature review approach was used to identify best practices for managing zero-day attacks. A zero-day attack maturity model was designed and structured into knowledge areas and maturity levels. Next, case studies were conducted to validate the maturity model. The study outcomes include the maturity model, which outlines best practices for managing zero-day attacks, and the interactive web tool that operationalizes the model. We believe that the study outcomes will increase awareness of such attacks, help assess organizations’ levels of maturity in dealing with zero-day vulnerabilities, and serve as a baseline for further research in this area, supporting industries and developers.
AB - Security is an essential attribute of quality software. Detecting and mitigating different types of attacks are essential for producing high-quality software. Organizations spend large amounts of money purchasing intrusion detection systems, antivirus software, and antispyware software. However, these solutions are insufficient, and organizations continue to face security risks due to an ever-growing list of security vulnerabilities. One such security vulnerability is a zero-day attack. A zero-day attack refers to the threat of an unknown security vulnerability in software that either the application developers are unaware of or for which no security patch has been released. Zero-day attacks are complex to analyze due to the lack of data until such attacks are discovered. Despite the significance of zero-day attacks, relatively little empirical research has been conducted to gain a deeper understanding of these attacks. Currently, no model exists to assess the maturity of managing zero-day attacks in an organization. This study aims to develop a zero-day attack maturity model that enables organizations to assess their current capabilities in responding to zero-day attacks and identify areas for improvement, based on defined knowledge areas and maturity levels. A multivocal literature review approach was used to identify best practices for managing zero-day attacks. A zero-day attack maturity model was designed and structured into knowledge areas and maturity levels. Next, case studies were conducted to validate the maturity model. The study outcomes include the maturity model, which outlines best practices for managing zero-day attacks, and the interactive web tool that operationalizes the model. We believe that the study outcomes will increase awareness of such attacks, help assess organizations’ levels of maturity in dealing with zero-day vulnerabilities, and serve as a baseline for further research in this area, supporting industries and developers.
KW - Best practices
KW - Maturity model
KW - Software security
KW - Zero-day attacks
UR - https://www.scopus.com/pages/publications/105024581438
U2 - 10.1007/s13369-025-10935-y
DO - 10.1007/s13369-025-10935-y
M3 - Review article
AN - SCOPUS:105024581438
SN - 2193-567X
JO - Arabian Journal for Science and Engineering
JF - Arabian Journal for Science and Engineering
ER -