Understanding and overcoming cyber security anti-patterns

Author: Klaus Julisch

DOI: 10.1016/J.COMNET.2012.11.023

Keywords:

Abstract: This article presents an empirical and practice-based analysis of the question why, despite substantial investments, there are still major security weaknesses in today's information systems. Acknowledging that cyber security is not a purely technical discipline, the article takes a holistic approach and identifies four anti-patterns that are frequent in practice and detrimental to the goal of achieving strong security. The first anti-pattern is that decisions about security are frequently based on intuition rather than on data and rigor; this introduces cognitive biases and undermines decision quality. Second, many organizations fail to implement foundational controls and are consequently easy targets for opportunistic and novice attackers. Third, overreliance on relatively static threat-knowledge products such as virus scanners, combined with an inability to learn and adapt dynamically, opens the door to advanced threats. Fourth, weaknesses in governance create systemic control gaps and vulnerabilities. The article describes each anti-pattern and the specific steps organizations can take to overcome them.
