A System-Fault-Risk Framework for cyber attack classification

Computer and network systems fall victim to many cyber attacks of different forms. To reduce the risks of cyber attacks, an organization needs to understand and assess them, make decisions about what types of barriers or protection mechanisms are necessary to defend against them, and decide where to place such mechanisms. Understanding cyber attack characteristics (threats, attack activities, state and performance impact, etc.) helps in choosing effective barriers. Understanding the assets affected by cyber attacks helps decide where to place such barriers. To develop these understandings, we classify attacks in a comprehensive, sensible format. This paper presents the System-Fault-Risk (SFR) framework for cyber attack classification, which we base on a scientific foundation, combining theories from system engineering, fault modeling, and risk assessment. Our work extends existing classifications with a focus on separating cause and effect, and further refining effects to include state and performance.
