A Revised Attack Taxonomy for a New Generation of Smart Attacks

Recent years have seen an unprecedented number of attacks. Intrusions into IT systems are rising constantly, both quantitatively and qualitatively. Well-known examples such as the hack of the Sony PlayStation Network or the compromise of RSA are just some samples of high-quality attack vectors. Since these Smart Attacks are specifically designed to permeate state-of-the-art technologies, current systems like Intrusion Detection Systems (IDSs) are failing to guarantee adequate protection. In order to improve protection, a comprehensive analysis of Smart Attacks needs to be performed to provide a basis for countering emerging threats.

Following these ideas and inspired by the original definition of the term Advanced Persistent Threat (APT) given by the U.S. Department of Defense, this publication starts by defining the terms, primarily the group of Smart Attacks. Thereafter, individual facets of Smart Attacks are presented in more detail, before recent examples are illustrated and classified using these dimensions. Next, current taxonomies are presented, including their individual shortcomings. Our revised taxonomy is then introduced, specifically addressing the latest generation of Smart Attacks. The different classes of our taxonomy are discussed, showing how to address the specifics of sophisticated, modern attacks. Finally, some ideas for addressing Smart Attacks are presented.
