Future internet = content + services + management
IEEE Communications Magazine
Review: A review of DoS attack models for 3G cellular networks from a system-design perspective
Computer Communications
A review of classification methods for network vulnerability
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Data reduction by identification and correlation of TCP/IP attack attributes for network forensics
Proceedings of the International Conference & Workshop on Emerging Trends in Technology
International Journal of Internet Technology and Secured Transactions
Measuring and ranking attacks based on vulnerability analysis
Information Systems and e-Business Management
A Systematic Survey of Self-Protecting Software Systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
An extensible pattern-based library and taxonomy of security threats for distributed systems
Computer Standards & Interfaces
| Hi-index | 0.00 |
Security assessment of a system is a difficult problem. Most of the current efforts in security assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still largely remains a subjective process. The process can be improved by understanding the characteristics and nature of known vulnerabilities. The knowledge thus gained can be organized into a suitable taxonomy, which can then be used as a framework for systematically examining new systems for similar but as yet unknown vulnerabilities. There have been many attempts at producing such taxonomies. This article provides a comprehensive survey of the important work done on developing taxonomies of attacks and vulnerabilities in computer systems. This survey covers work done in security related taxonomies from 1974 until 2006. Apart from providing a state-of-the-art survey of taxonomies, we also analyze their effectiveness for use in a security assessment process. Finally, we summarize the important properties of various taxonomies to provide a framework for organizing information about known attacks and vulnerabilities into a taxonomy that would benefit the security assessment process.