CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

How to systematically classify computer security intrusions

Ulf Lindqvist (Institutionen för datorteknik) ; Erland Jonsson (Institutionen för datorteknik)
IEEE Symposium on Security and Privacy, 1997. Proceedings. (1081-6011). (1997)
[Konferensbidrag, refereegranskat]

This paper presents a classification of intrusions with respect to the technique as well the result. The taxonomy is intended to be a step on the road to an established taxonomy of intrusions for use in incident reporting, statistics, warning bulletins, intrusion detection systems etc. Unlike previous schemes, it takes the viewpoint of the system owner and should therefore be suitable to a wider community than that of system developers and vendors only. It is based on data from a realistic intrusion experiment, a fact that supports the practical applicability of the scheme. The paper also discusses general aspects of classification, and introduces a concept called dimension. After having made a broad survey of previous work in the field, we decided to base our classification of intrusion techniques on a scheme proposed by Neumann and Parker (1989) and to further refine relevant parts of their scheme. Our classification of intrusion results is derived from the traditional three aspects of computer security: confidentiality, availability and integrity

Nyckelord: computer security, intrusion detection, classification

Denna post skapades 2013-09-13. Senast ändrad 2013-09-13.
CPL Pubid: 183267


Läs direkt!

Lokal fulltext (fritt tillgänglig)

Institutioner (Chalmers)

Institutionen för datorteknik (1985-2001)


Systemvetenskap, informationssystem och informatik

Chalmers infrastruktur