A Survey on Taxonomies of Attacks and Vulnerabilities in Computer Systems (original) (raw)
Related papers
A Review on Taxonomies of Attacks and Vulnerability in Computer and Network System
— In order to gain trusted system detection and remediation of vulnerability is crucial. In computer network to solve the problem of security vulnerability, study of vulnerability is essential to know cause of vulnerability. By considering the characteristics and behavior of known vulnerabilities we can improve the security evaluation procedure. The information about known vulnerability can be used to design an appropriate taxonomy that can be further used in investigating new system and also for identifying unidentified vulnerabilities. Several attempts have been made for producing such taxonomies. This paper offers a detailed review of significant work has been done in development of taxonomies of attacks and vulnerability present in the system. Also this paper examines the efficiency of taxonomies for use in a security evaluation procedure. Further this paper summarizes the characteristics of various prominent taxonomies and provides a structure for organizing information about well-known attacks and vulnerabilities that would help in security evaluation procedure. I. INTRODUCTION Vulnerability is the root cause of network and security attacks. Any system can be termed as secure if it has no flaws and vulnerability. Therefore the detection and remediation of vulnerability is crucial to guarantee the security of the system [22]. For proper security assessment it is essential to determine system's capability to resist attacks. Security evaluation procedure generally involves probing the system to detect the presence of well-known vulnerabilities because most of the attacks typically exploit well known vulnerabilities that have not been patched. Vulnerability is the weak point in system by which hacker can gain access to the network. For security assessment it is necessary to find and classify these vulnerabilities. The first step in understanding vulnerabilities is to classify them into a taxonomy based on their characteristics. Taxonomy classifies attack into well-defined and easily understood categories. Such classification can be used for performing a systematic security assessment of a system. Taxonomy is formally defined by Merriam-Webster Online Dictionary as " the study of the general principles of scientific classification ". The word taxonomy is also used to denote the actual classification of objects. This classification is done according to the relationships between the characteristics of the objects. While beginning the scientific study of a new field, a good taxonomy is considered an " important and necessary prerequisite for systematic study " [29]. A simple collection of a large number of objects is not very useful for systematic study. The collection becomes useful only when it is classified according to set of rules. A good taxonomy also provides a common language for the study of the field.
Study of vulnerability taxonomies to provide a Novel approach for vulnerability categorization
In this age of universal electronic connectivity when world is becoming a global village ,different threats like viruses and hackers, eavesdropping and fraud, undeniably there is no time at which security does not matter. In view of large growing population of vulnerabilities, major challenge is how to prevent exploitation of these vulnerabilities by attackers. The first step in understanding vulnerabilities is to classify them into a taxonomy based on their characteristics. A good taxonomy also provides a common language for the study of the field. Properties and requirements of good taxonomy are described in this paper to lead security experts for the development of secure infrastructure. An analysis of some prominent taxonomies and their valuable aspects are highlighted that can be used to create a complete useful taxonomy.
Understanding Vulnerabilities by Refining Taxonomy
Since early 90s, experts have proposed various ways to prevent exploitations and avoid releasing software with vulnerabilities. One way is through educating developers with information on known vulnerabilities using taxonomy of vulnerabilities as a guide. However, the guide using taxonomy of vulnerabilities has not shown to mitigate the issues. One possibility is due to the existence of gaps in producing the right and comprehensive taxonomy for software vulnerabilities. We studied various available taxonomies on software vulnerabilities. In this paper we propose and discuss our own criteria for taxonomy of software vulnerabilities with some improvement with particular emphasis on C programming.
Security vulnerability categories in major software systems
… , Network, and Information …, 2006
The security vulnerabilities in software systems can be categorized by either the cause or severity. Several software vulnerabilities datasets for major operating systems and web servers are examined. The goal is to identify the attributes of each category that can potentially be exploited for enhancing security. Linking a vulnerability type to a severity level can help us prioritize testing to develop more effective testing plans. Instead of using an ad hoc security testing approach, testing can be directed to vulnerabilities with higher risk. ...
ADMIT-A Five Dimensional Approach towards Standardization of Network and Computer Attack Taxonomies
This paper proposed a five dimensional taxonomy ADMIT which captures five major classifiers to characterize the nature of attacks. These are classification by attack vector, classification by defense, classification by method, classification by impact and classification by attack target. The classification structure of proposed taxonomy described the nature of attacks thoroughly. The administrator can use the proposed taxonomy to locate strategies that are appropriate for securing their system against vulnerabilities that can be exploited. Use of ADMIT taxonomy in network defense strategies can improve the overall level of security.
Use of a taxonomy of security faults
1996
Security in computer systems is impodant so as to ensure reliable operation and to protect the integrity of stored information. Faults in the implementation of critical components can be exploited to breach se-curity and penetrate a system. These faults must he identified, detected, and corrected to ensure reliabil-ity and safeguard against denial of service, unautho-rized modification of data, or disclosure of information.
Vulnerability Scoring Systems, Remediation Strategies and Taxonomies by
This thesis focuses on vulnerability scoring systems, remediation strategies and classification systems, with the goal of improving organizational security and improving security awareness. Section 1 will function as an introduction to the cybersecurity space, with a particular focus on business applications and introducing a number of necessary frameworks for developing security awareness. This section will also include vulnerability trend research on the largest vendors in the space and their contribution to the security problem.
1996
Security in computer systems is important soasto ensure reliable operation and to protect the integrity of stored information. Faults in the implementation of critical components can be exploited to breach security and penetrate a system. These faults must be identi ed, detected, and corrected to ensure reliability and safeguard against denial of service, unauthorized modi cation of data, or disclosure of information. We define a classification of security faults in the Unix operating system. We state the criteria used to categorize the faults and present examples of the di erent fault types. We present the design and implementation details of a prototype database to store vulnerability information collected from different sources. The data is organized according to our fault categories. The information in the database can be applied in static audit analysis of systems, intrusion detection, and fault detection. We also identify and describe software testing methods that should be ef...
Categorization of software errors that led to security breaches
1998
A set of errors known to have led to security breaches in computer systems was analyzed. The analysis led to a categorization of these errors. After examining several proposed schemes for the categorization of software errors a new scheme was developed and used. This scheme classi es errors by their cause, the nature of their impact, and the ty p e o f c hange, or x, made to remove the error. The errors considered in this work are found in a database maintained by the COAST laboratory. The categorization is the rst step in the investigation of the e ectiveness of various measures of code coverage in revealing software errors that might lead to security breaches.