Taxonomies of attacks and vulnerabilities in computer systems

Igure V.; Williams R.

首页> 外文期刊>Communications surveys & tutorials >Taxonomies of attacks and vulnerabilities in computer systems

【24h】

Taxonomies of attacks and vulnerabilities in computer systems

机译：计算机系统中攻击和漏洞的分类法

获取原文

获取原文并翻译 | 示例

获取外文期刊封面封底 >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Security assessment of a system is a difficult problem. Most of the current efforts in security assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still largely remains a subjective process. The process can be improved by understanding the characteristics and nature of known vulnerabilities. The knowledge thus gained can be organized into a suitable taxonomy, which can then be used as a framework for systematically examining new systems for similar but as yet unknown vulnerabilities. There have been many attempts at producing such taxonomies. This article provides a comprehensive survey of the important work done on developing taxonomies of attacks and vulnerabilities in computer systems. This survey covers work done in security related taxonomies from 1974 until 2006. Apart from providing a state-of-the-art survey of taxonomies, we also analyze their effectiveness for use in a security assessment process. Finally, we summarize the important properties of various taxonomies to provide a framework for organizing information about known attacks and vulnerabilities into a taxonomy that would benefit the security assessment process.

机译：系统的安全评估是一个难题。当前在安全评估中的大多数工作都涉及搜索已知漏洞。查找未知漏洞仍然很大程度上仍然是一个主观过程。通过了解已知漏洞的特征和性质，可以改进该过程。这样获得的知识可以组织成适当的分类法，然后用作系统地检查新系统的相似但尚未发现的漏洞的框架。已经进行了许多尝试来产生这种分类法。本文对在开发计算机系统中的攻击和漏洞分类法方面所做的重要工作进行了全面调查。该调查涵盖了从1974年到2006年在安全相关分类法中所做的工作。除了提供最新的分类法调查之外，我们还分析了它们在安全评估过程中的有效性。最后，我们总结了各种分类法的重要属性，以提供一个框架，用于将有关已知攻击和漏洞的信息组织到分类法中，这将有益于安全评估过程。

著录项

来源
《Communications surveys & tutorials》 |2008年第1期|p.6-19|共14页
作者
Igure V.; Williams R.;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类无线电电子学、电信技术;
关键词
telecommunication security; computer system attacks; computer system vulnerabilities; information organization; security assessment; taxonomies;

机译：电信安全;计算机系统攻击;计算机系统漏洞;信息组织;安全评估;分类法;

相似文献

外文文献
中文文献
专利

1. An Attack Vector Taxonomy for Mobile Telephony Security Vulnerabilities [J] . Lanoue Matthew, Bollmann Chad A., Michael James Bret, Computer . 2021,第4期

机译：移动电话安全漏洞的攻击传染媒介分类
2. Vulnerability of impulse attack-free four random phase mask cryptosystems to chosen-plaintext attack [J] . Li Tuo, Shi Yishi Journal of optics . 2016,第3期

机译：无脉冲攻击的四个随机相位掩码密码系统对纯文本攻击的脆弱性
3. A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities [J] . Shahriyar Mohammadi, Mohammad Hussein Sherkat, Mona Jamporazmey Security and communication networks . 2013,第7期

机译：基于ITU-TX-805安全架构的分类框架，用于定量确定计算机网络漏洞
4. Embedded systems security: Threats, vulnerabilities, and attack taxonomy [C] . Papp Dorottya, Zhendong Ma, Buttyan Levente Annual Conference on Privacy, Security and Trust . 2015

机译：嵌入式系统安全性：威胁，漏洞和攻击分类
5. Evaluation of security vulnerabilities of popular computer and server operating systems under cyber attacks [D] . Baez, Rodolfo, Jr. 2015

机译：评估网络攻击下流行的计算机和服务器操作系统的安全漏洞
6. Correction to ‘Migration in the Anthropocene: how collective navigation environmental system and taxonomy shape the vulnerability of migratory species’ [O] . Molly Hardesty-Moore, Stefanie Deinet, Robin Freeman, 2018

机译：对人类世间的迁徙：集体航行环境系统和分类学如何塑造迁徙物种的脆弱性的更正
7. A Taxonomy of Logic Attack Vulnerabilities in Component-based e-Commerce System [O] . Faisal Nabi, Jianming Yong, Xiaohui Tao 2019

机译：基于组件的电子商务系统中逻辑攻击漏洞的分类

Taxonomies of attacks and vulnerabilities in computer systems

摘要

著录项

相似文献

相关主题

期刊订阅