How to systematically classify computer security intrusions
作者: U. Lindqvist , E. Jonsson
DOI: 10.1109/SECPRI.1997.601330
关键词: Information privacy 、 Dimension (data warehouse) 、 Data mining 、 Field (computer science) 、 Data integrity 、 Intrusion detection system 、 Taxonomy (general) 、 Computer science 、 Computer security 、 Scheme (programming language)
摘要: This paper presents a classification of intrusions with respect to the technique as well result. The taxonomy is intended be step on road an established for use in incident reporting, statistics, warning bulletins, intrusion detection systems etc. Unlike previous schemes, it takes viewpoint system owner and should therefore suitable wider community than that developers vendors only. It based data from realistic experiment, fact supports practical applicability scheme. also discusses general aspects classification, introduces concept called dimension. After having made broad survey work field, we decided base our techniques scheme proposed by Neumann Parker (1989) further refine relevant parts their Our results derived traditional three computer security: confidentiality, availability integrity.
uta.edu
chalmers.se
computer.org
sci-hub.se 参考文章(16)
Catherine Meadows, R Wright, P Neumann, A representation of protocol attacks for risk assessment. Network Threats. pp. 1- 10 ,(1996)
Eugene H. Spafford, Daniel Farmer, The COPS Security Checker System USENIX Summer. pp. 165- 170 ,(1990)
Sandeep Kumar, Classification and detection of computer intrusions Purdue University. ,(1996)
Peter G. Neumann, Computer-Related Risks ,(1994)
Tomas Olovsson, Erland Jonsson, Sarah Brocklehurst, Bev Littlewood, Towards operational measures of computer security: Experimentation and modelling Predictably Secure Computing Systems. pp. 555- 569 ,(1995) , 10.1007/978-3-642-79789-7_31
Boris Beizer, Software Testing Techniques ,(1983)
Catherine Meadows, An outline of a taxonomy of computer security research and development new security paradigms workshop. pp. 33- 35 ,(1993) , 10.1145/283751.283770
Roger M. Needham, Denial of service: an example Communications of The ACM. ,vol. 37, pp. 42- 46 ,(1994) , 10.1145/188280.188294
Carole B. Hogan, Protection imperfect: the security of some computing environments Operating Systems Review. ,vol. 22, pp. 7- 27 ,(1988) , 10.1145/47671.47672
J.H. Saltzer, M.D. Schroeder, The protection of information in computer systems Proceedings of the IEEE. ,vol. 63, pp. 1278- 1308 ,(1975) , 10.1109/PROC.1975.9939