Towards a taxonomy for security threats on the web ecosystem
作者: Carlo Silva , Ricardo Batista , Ruy Queiroz , Vinicius Garcia , Jose Silva
DOI: 10.1109/NOMS.2016.7502862
关键词:
摘要: The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes classification model based 21 vectors divided into 8 distinct threats, making use levels abstraction and criteria discrimination which consider propagation similarity in vulnerabilities. also propose estimate risk factor impacts assets, considering data breaches, human aspects service reliability. In addition, we validate taxonomic proposed through catalogues attacks facing public. Thus, it was possible observe its applicability most appear before
sci-hub.se 参考文章(12)
Lech Janczewski, Koteswara Ivaturi, A Taxonomy for Social Engineering attacks ,(2011)
R. P. Abbott, Security Analysis and Enhancements of Computer Operating Systems National Bureau of Standards. ,(1976) , 10.6028/NBS.IR.76-1041
Matt Bishop, A Taxonomy of UNIX System and Network Vulnerabilities ,(1997)
Philipp Brune, Jinying Yu, No security by obscurity - why two factor authentication should be based on an open design international conference on security and cryptography. pp. 418- 421 ,(2011)
K. Tsipenyuk, B. Chess, G. McGraw, Seven pernicious kingdoms: a taxonomy of software security errors ieee symposium on security and privacy. ,vol. 3, pp. 81- 84 ,(2005) , 10.1109/MSP.2005.159
Katharina Krombholz, Heidelinde Hobel, Markus Huber, Edgar Weippl, None, Social engineering attacks on the knowledge worker Proceedings of the 6th International Conference on Security of Information and Networks - SIN '13. pp. 28- 35 ,(2013) , 10.1145/2523514.2523596
Jim Hendler, Tim Berners-Lee, From the Semantic Web to social machines Artificial Intelligence. ,vol. 174, pp. 156- 161 ,(2010) , 10.1016/J.ARTINT.2009.11.010
Debi Ashenden, Information Security management: A human challenge? Information Security Technical Report. ,vol. 13, pp. 195- 201 ,(2008) , 10.1016/J.ISTR.2008.10.006
Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi, A taxonomy of computer program security flaws ACM Computing Surveys. ,vol. 26, pp. 211- 254 ,(1994) , 10.1145/185403.185412
Simon Hansman, Ray Hunt, A taxonomy of network and computer attacks Computers & Security. ,vol. 24, pp. 31- 43 ,(2005) , 10.1016/J.COSE.2004.06.011