A taxonomy of network and computer attacks

Hansman, Simon Luke; Hunt, Ray

doi:10.1016/j.cose.2004.06.011

Cited by 333 publications

(209 citation statements)

References 3 publications

Supporting

Mentioning

188

Contrasting

Unclassified

Order By: Relevance

“…A useful categorization for the purpose of this paper is the five criteria proposed by [8]. These criteria constitute a holistic and usable view of possible results from a WA attack.…”

Section: Results Of the Attackmentioning

confidence: 99%

“…That is, the vulnerability can be known to the public at large. This is contingent to the taxonomy of Hansman and Hunt [8]. Vorobiev and Han [13], and Sidharth and Liu [12] propose that vulnerabilities can be found through querying the WA implementation of Universal Description, Discovery and Integration (UDDI) or Web Service Description Language (WSDL).…”

Section: Vulnerabilities and Exploitsmentioning

confidence: 99%

“…Hansman and Hunt [8] present a taxonomy for categorizing network and computer attacks in general that is influenced by Howard's taxonomy [9]. This well established taxonomy is constructed along a set of dimensions, which in combination gives a holistic view of the variables of interest for cyber attacks in general.…”

Section: Classifying Current Approachesmentioning

confidence: 99%

See 2 more Smart Citations

A Metamodel for Web Application Injection Attacks and Countermeasures

Holm¹,

Ekstedt²

2012

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Abstract. Web application injection attacks such as cross site scripting and SQL injection are common and problematic for enterprises. In order to defend against them, practitioners with large heterogeneous system architectures and limited resources struggle to understand the effectiveness of different countermeasures under various conditions. This paper presents an enterprise architecture metamodel that can be used by enterprise decision makers when deciding between different countermeasures for web application injection attacks. The scope of the model is to provide low-effort guidance on an abstraction level of use for an enterprise decision maker. This metamodel is based on a literature review and revised according to the judgment by six domain experts identified through peer-review.

show abstract

“…A useful categorization for the purpose of this paper is the five criteria proposed by [8]. These criteria constitute a holistic and usable view of possible results from a WA attack.…”

Section: Results Of the Attackmentioning

confidence: 99%

Section: Vulnerabilities and Exploitsmentioning

confidence: 99%

See 1 more Smart Citation

A Metamodel for Web Application Injection Attacks and Countermeasures

Holm¹,

Ekstedt²

2012

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

show abstract

“…Data aggregation is also used to enhance bandwidth utilization [10,11]. But, this type of work treat all alerts equally without considering their criticalities, probably causing adverse impact on the system security.…”

Section: Related Workmentioning

confidence: 99%

Risk-driven aggregation and transmission prioritization of cyber alerts over mobile networks

Çam¹,

Mouallem²

2014

2014 International Conference on Computing, Networking and Communications (ICNC)

View full text Add to dashboard Cite

Abstract-Alert Aggregation in mobile networks plays an important role in mitigating the adverse impact of alert generation by reducing the amount of communication and security data to be transmitted. However, it is not guaranteed that the bandwidth necessary to transmit all aggregated alerts is always available, which usually result in the transmission of a portion of the alerts, while others are discarded or queued. The transmission of insufficient alert information hinders making correct decisions about attacks, leading to compromising network security. In order to maximize the benefits of data aggregation while minimizing the impact of partial alerts, this paper presents a risk-driven real-time transmission prioritization technique for implementing lossy and lossless aggregation of cyber alerts. Lossy alert aggregation and transmission are managed adaptively by allowing the prioritization and transmission of aggregated alerts according to the risk assessment of such alerts. This paper also presents a risk-driven utilization model that further adapts the aggregation and prioritization in response to dynamic network conditions. The performance results of the proposed techniques are obtained by running simulations on data collected from a mobile network. Simulation results for the aggregation of raw alerts have shown an average reduction of 51% in data storage space and bandwidth usage.

show abstract

“…In this section, we describe attacks from some of the different categories proposed in [74] and discuss how they can be detected with PeriodAnalyzer . Our examples are taken from an open access list of real-world SCADA attacks signatures used in the Quickdraw Intrusion Detection System 2 .…”

Section: Dealing With Real-world Attack Scenariosmentioning

confidence: 99%

Anomaly detection in SCADA systems : a network based approach

Barbosa¹

View full text Add to dashboard Cite

A taxonomy of network and computer attacks

Cited by 333 publications

References 3 publications

A Metamodel for Web Application Injection Attacks and Countermeasures

A Metamodel for Web Application Injection Attacks and Countermeasures

Risk-driven aggregation and transmission prioritization of cyber alerts over mobile networks

Anomaly detection in SCADA systems : a network based approach

Contact Info

Product

Resources

About