Classification of computer attacks using a self organizing map

DeLooze, Lori L.

doi:10.1109/iaw.2004.1437840

Cited by 13 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Howard (1998) provides a results-oriented classification scheme that also identifies four basic categories: corruption of information, disclosure of information, theft of service, and denial of service. Other similar classifications appear in DeLooze (2004) and Kemmerer and Vigna (2002).…”

Section: A Conceptual Model Of the Iscp A Typology Of Security Incidentssupporting

confidence: 55%

Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

Ransbotham

Mitra

2009

Information Systems Research

157

View full text Add to dashboard Cite

N o longer the exclusive domain of technology experts, information security is now a management issue. Through a grounded approach using interviews, observations, and secondary data, we advance a model of the information security compromise process from the perspective of the attacked organization. We distinguish between deliberate and opportunistic paths of compromise through the Internet, labeled choice and chance, and include the role of countermeasures, the Internet presence of the firm, and the attractiveness of the firm for information security compromise. Further, using one year of alert data from intrusion detection devices, we find empirical support for the key contributions of the model. We discuss the implications of the model for the emerging research stream on information security in the information systems literature.

show abstract

Section: A Conceptual Model Of the Iscp A Typology Of Security Incidentssupporting

confidence: 55%

Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

Ransbotham

Mitra

2009

Information Systems Research

157

View full text Add to dashboard Cite

show abstract

“…In the research of the automatic vulnerability categorization, Ref. [27]- [30] used the clustering algorithm to classify vulnerabilities without supervision. These works discussed how to find the hidden mode automatically.…”

Section: Automatic Vulnerability Categorizationmentioning

confidence: 99%

ASVC: An Automatic Security Vulnerability Categorization Framework Based on Novel Features of Vulnerability Data

Wen¹,

Zhang²,

Wu³

et al. 2015

JCM

View full text Add to dashboard Cite

Security vulnerabilities are a main cause of network security. Vulnerability classification gives us a better understanding of the essence of vulnerabilities, which help propose efficient solutions. However, applying Vulnerability Categorization Standard (VCS) to manually categorize vulnerabilities is impracticable since it is time-consuming and subjective. To address this issue, a new framework named Automatic Security Vulnerabilities Categorization Framework (ASVC) is proposed based on Text Mining. To further improve the accuracy, a new rule for extraction of features of Text Mining is proposed. ASVC abstracts the categorization of vulnerabilities into a process of Text Mining, and categorize vulnerabilities automatically according to a VCS. Finally, VCS of Common Weakness Enumeration is applied to three main Vulnerability Databases based on ASVC in a fast way, about 1000 vulnerabilities per hour. The accuracy of the categorization is 86.8%, 8.3% higher than previous works.

show abstract

“…Threat taxonomies (Álvarez & Petrovic, 2003;Chakrabarti & Manimaran, 2002;DeLooze, 2004;Lindqvist & Jonsson, 1997;Simmonds, Sandilands, & van Ekert, 2004;Welch & Lathrop, 2003) are rich and welldeveloped. There is even a rudimentary threat ontology, but it is not available online anymore (Undercoffer et al, 2004).…”

Section: Related Workmentioning

confidence: 99%

An Ontology of Information Security

Herzog

Shahmehri

Duma

2007

International Journal of Information Security and Privacy

154

View full text Add to dashboard Cite

We present a publicly available, OWL-based ontology of information security which models assets, threats, vulnerabilities, countermeasures and their relations. The ontology can be used as a general vocabulary, roadmap, and extensible dictionary of the domain of information security. With its help, users can agree on a common language and definition of terms and relationships. In addition to browsing for information, the ontology is also useful for reasoning about relationships between its entities, for example, threats and countermeasures. The ontology helps answer questions like: Which countermeasures detect or prevent the violation of integrity of data? Which assets are protected by SSH? Which countermeasures thwart buffer overflow attacks? At the moment, the ontology comprises 88 threat classes, 79 asset classes, 133 countermeasure classes and 34 relations between those classes. We provide the means for extending the ontology, and provide examples of the extendibility with the countermeasure classes ‘memory protection’ and ‘source code analysis’. This article describes the content of the ontology as well as its usages, potential for extension, technical implementation and tools for working with it.

show abstract

Classification of computer attacks using a self organizing map

Cited by 13 publications

References 4 publications

Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

ASVC: An Automatic Security Vulnerability Categorization Framework Based on Novel Features of Vulnerability Data

An Ontology of Information Security

Contact Info

Product

Resources

About