Attacks
Contents |
[[Landwehr-Bull-McDermott-Choi-1994] (doi) .]
C.E. Landwehr, A.R. Bull, J.P. McDermott, W.S. Choi
“A taxonomy of computer program security flaws”,
ACM Computing Surveys, vol.26, #3, Sep. 1994, pp. 211-254
ResiliNets Keywords: Taxonomy of Security Flaws
Keywords: error/defect classification, security flaw, taxonomy
Abstract: “An organized record of actual flaws can be useful to computer system designers, programmers, analysts, administrators, and users. This survey provides a taxonomy for computer program security flaws, with an Appendix that documents 50 actual security flaws. These flaws have all been described previously in the open literature, but in widely separated places. For those new to the field of computer security, they provide a good introduction to the characteristics of security flaws and how they can arise. Because these flaws were not randomly selected from a valid statistical sample of such flaws, we make no strong claims concerning the likely distribution of actual security flaws within the taxonomy. However, this method of organizing security flaw data can help those who have custody of more representative samples to organize them and to focus their efforts to remove and, eventually, to prevent the introduction of security flaws. ”
Notes: This paper gives a good overview of computer security flaws.
[Qu-Jayaprakash-Hariri-Raghavendra-2002 .]
G. Qu, J. Rudraraju, R. Modukuri, S. Hariri, and C.S. Raghavendra
“A Framework for Network Vulnerability Analysis”,
Proceedings of the 1st IASTED International Conference on Communications, Internet, Information Technology (CT2002),
St. Thomas, Virgin Islands, USA, 2002 pp. 289--298
ResiliNets Keywords: vulnerability, metrics
Keywords: Network Vulnerability, Vulnerability Index, Vulnerability Metrics
Abstract: "With increasing faults and attacks on the Internet infrastructure, there is an urgent need to develop techniques to analyze network and service vulnerability under organized fault attacks. Network vulnerability refers to the impact of attacks and faults on network and system behaviors. An accurate vulnerability analysis requires a deep understanding of failure modes and effects on each of the network components and the knowledge of how these components are inter-related at each point in time to various applications in a networked system. In this paper we present an agent based network vulnerability analysis framework and show how our framework can be used to analyze and quantify the system vulnerability under a Distributed Denial of Service (DDOS) attack scenario.... "
Notes:
[Hariri-Qu-Dharmagadda-Ramkishore-Raghavendra-2003 (doi) .]
S. Hariri, G. Qu, T. Dharmagadda, R. Modukuri, and C.S. Raghavendra
“Impact Analysis of Faults and Attacks in Large-Scale Networks”,
IEEE Security and Privacy, vol.01, #5, October 2003, pp. 49-54
ResiliNets Keywords: vulnerability, metrics
Keywords:
Abstract: "Monitoring and quantifying component behavior is key to, making networks reliable and robust. The agent-based architecture presented here continuously monitors network vulnerability metrics providing new ways to measure the impact of faults and attacks."
Notes:
[Mirkovic-Reiher-2004 (doi) .]
Jelena Mirkovic, Peter Reiher,
“A taxonomy of DDoS attack and DDoS defense mechanisms”,
SIGCOMM Comput. Commun. Rev., vol. 34, #2, p. 39-53; 2004
Abstract: “Distributed denial-of-service (DDoS) is a rapidly growing problem. The multitude and variety of both the attacks and the defense approaches is overwhelming. This paper presents two taxonomies for classifying attacks and defenses, and thus provides researchers with a better understanding of the problem and the current solution space. The attack classification criteria was selected to highlight commonalities and important features of attack strategies, that define challenges and dictate the design of countermeasures. The defense taxonomy classifies the body of existing DDoS defenses based on their design decisions; it then shows how these decisions dictate the advantages and deficiencies of proposed solutions.”
ResiliNets Keywords: Challenge
Keywords:
Notes:
[[Igure-Williams-2008] (doi) .]
V.M. Igure, R.D. Williams,
“Taxonomies of attacks and vulnerabilities in computer systems”,
Communications Surveys & Tutorials, IEEE, Volume 10, Issue 1, First Quarter 2008 Page(s): 6 - 19
Abstract: “Security assessment of a system is a difficult problem. Most of the current efforts in security assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still largely remains a subjective process. The process can be improved by understanding the characteristics and nature of known vulnerabilities. The knowledge thus gained can be organized into a suitable taxonomy, which can then be used as a framework for systematically examining new systems for similar but as yet unknown vulnerabilities. There have been many attempts at producing such taxonomies. This article provides a comprehensive survey of the important work done on developing taxonomies of attacks and vulnerabilities in computer systems. This survey covers work done in security related taxonomies from 1974 until 2006. Apart from providing a state-of-the-art survey of taxonomies, we also analyze their effectiveness for use in a security assessment process. Finally, we summarize the important properties of various taxonomies to provide a framework for organizing information about known attacks and vulnerabilities into a taxonomy that would benefit the security assessment process.”
ResiliNets Keywords:
Notes:
