论文信息 - A classification of computer security incidents based on reported attack data

A classification of computer security incidents based on reported attack data

Previous studies of computer criminals have attempted to differentiate between offenders, but have not used data from the actual attacks. Drawing on theories from investigative psychology as well as information security, the current study differentiates 2755 computer security incidents using information about Method of Operation (MO), Impact, and Source Sector from reported attacks. Multivariate statistical analyses were applied on the data-matrix of 22 variables and showed the co-occurrences of various aspects of computer security incidents. A radex structure emerged where the high frequency variables were positioned in the centre of the data-plot. Based on a previously developed taxonomy of cyber intrusions, the results of the analysis showed that it was possible to draw inferences about the less informative category of Objective, from information about Attacker, Tools, Access, and Results. By applying the division-lines indicating the Objectives of Challenge/Status, Destruction, Political Gain and Financial Gain on the SSA-plot, it was shown how the taxonomies could be further developed by taking into account the relationships between the categories. Copyright © 2005 John Wiley & Sons, Ltd.

Maria Kjaerland | Maria Kjaerland

[1] U. Foa,et al. NEW DEVELOPMENTS IN FACET DESIGN AND ANALYSIS. , 1965, Psychological review.

[2] Karen Huffman. Psychology in Action , 1987 .

[3] David V. Canter,et al. Facet theory : approaches to social research , 1985 .

[4] Donn B. Parker,et al. Fighting computer crime - a new framework for protecting information , 1998 .

[5] D Canter,et al. The application of an action system model to destructive behaviour: the examples of arson and terrorism. , 2001, Behavioral sciences & the law.

[6] D. Canter,et al. Differentiating arsonists: A model of firesetting actions and characteristics , 1998 .

[7] D V Canter,et al. Linking commercial burglaries by modus operandi: tests using regression and ROC analysis. , 2002, Science & justice : journal of the Forensic Science Society.

[8] Bill Landreth. Out of the Inner Circle , 1985 .

[9] J. Lingoes. The Multivariate Analysis Of Qualitative Data , 1968 .

[10] David V. Canter,et al. A multivariate model of sexual offence behaviour: Developments in ‘offender profiling'. I. , 1990 .

[11] David V. Canter,et al. Offender profiling and investigative psychology , 2004 .

[12] Nicolas Chantler,et al. Profile of A Computer Hacker , 2001 .