Cyber Attacks on Financial Critical Infrastructures
作者: Mirco Marchetti , Michele Colajanni , Michele Messori , Leonardo Aniello , Ymir Vigfusson
DOI: 10.1007/978-3-642-20420-3_3
关键词:
摘要: This chapter focuses on attack strategies that can be (and have been) used against financial IT infrastructures. The first section presents an overview and a classification of the different kinds frauds attacks carried out institutions their We then restrict our focus by analyzing in detail five scenarios, selected among ones presented previous section. These scenarios are: Man Middle its variant, Browser), distributed denial service (DDoS), portscan, session hijacking, malware-based Internet banking customers. been because nature: all them involve multiple, geographically institutions. Hence detection will benefit greatly from deployment new technologies best practices for information sharing cooperative event processing. For each scenario we present theoretical description as well implementation details consequences past real
springer.com
core.ac.uk
springerlink.com参考文章(7)
Farnam Jahanian, Danny McPherson, Evan Cooke, The Zombie roundup: understanding, detecting, and disrupting botnets conference on steps to reducing unwanted traffic on internet. pp. 6- 6 ,(2005)
Yngve Espelid, Lars–Helge Netland, Andr’e N. Klingsheim, Kjell J. Hole, Robbing Banks with Their Own Software—an Exploit Against Norwegian Online Banks information security conference. pp. 63- 77 ,(2008) , 10.1007/978-0-387-09699-5_5
Stuart Staniford, James A. Hoagland, Joseph M. McAlerney, Practical automated detection of stealthy portscans Journal of Computer Security. ,vol. 10, pp. 105- 136 ,(2002) , 10.3233/JCS-2002-101-205
Leonardo Aniello, Giorgia Lodi, Roberto Baldoni, Inter-domain stealthy port scan detection through complex event processing Proceedings of the 13th European Workshop on Dependable Computing. pp. 67- 72 ,(2011) , 10.1145/1978582.1978597
D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, N. Weaver, Inside the Slammer worm ieee symposium on security and privacy. ,vol. 1, pp. 33- 39 ,(2003) , 10.1109/MSECP.2003.1219056
Zvi Gutterman, Dahlia Malkhi, Hold Your Sessions: An Attack on Java Session-Id Generation Lecture Notes in Computer Science. pp. 44- 57 ,(2005) , 10.1007/978-3-540-30574-3_5
Sanjeev Kumar, Smurf-based Distributed Denial of Service (DDoS) Attack Amplification in Internet international conference on internet monitoring and protection. pp. 25- 25 ,(2007) , 10.1109/ICIMP.2007.42