A Taxonomy of Attacks
In his doctoral dissertation, An Analysis of Security Incidents on the Internet 1989-1995, John D. Howard gives a definition of computer security:
"Computer security is preventing attackers from achieving objectives
through unauthorized access or unauthorized use of computers and networks."
Building on that definition, he condenses (in Chapter 6) a taxonomy into the table below.
An attacker of a computer or network is classified according to the first
column, and the objective (motivation) the attacker pursues is one of those
listed in the last column. The objective is reached through some
information-related result.
The result comes about when some tool is used to gain access to information.
Access is divided into four stages.
The idea, then, is that different attacks can be modeled by
choosing one (or several) alternatives from each column.
Attackers              | Tools                 | ---------------------------------------- Access --------------------------------------- | Results                       | Objectives
Hackers                | User Command          | Implementation Vulnerability | Unauthorized Access |              | Files               | Corruption of Information     | Challenge, Status
Spies ==>              | Script or Program ==> | Design Vulnerability =>      | Unauthorized Use => | Processes => | Data in Transit ==> | Disclosure of Information ==> | Political Gain
Terrorists             | Autonomous Agent      | Configuration Vulnerability  |                     |              |                     | Theft of Service              | Financial Gain
Corporate Raiders      | Toolkit               |                              |                     |              |                     | Denial-of-service             | Damage
Professional Criminals | Distributed Tool      |                              |                     |              |                     |                               |
Vandals                | Data Tap              |                              |                     |              |                     |                               |
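One defensive use of the table is as a tagging schema for incident records: each record picks one or more values per column, and anything outside the table is rejected. The Python below is an added example, not code from Howard's dissertation or from the original page; the key names (`attacker`, `target`, and so on), the incident ids and the sample records are constructed for illustration, and the single-valued "Processes" stage of the access path is left implicit.

```python
from collections import Counter

# Columns of Howard's table; the key names are this example's own labels.
TAXONOMY = {
    "attacker": {"Hackers", "Spies", "Terrorists", "Corporate Raiders",
                 "Professional Criminals", "Vandals"},
    "tool": {"User Command", "Script or Program", "Autonomous Agent",
             "Toolkit", "Distributed Tool", "Data Tap"},
    "vulnerability": {"Implementation Vulnerability", "Design Vulnerability",
                      "Configuration Vulnerability"},
    "access": {"Unauthorized Access", "Unauthorized Use"},
    "target": {"Files", "Data in Transit"},
    "result": {"Corruption of Information", "Disclosure of Information",
               "Theft of Service", "Denial-of-service"},
    "objective": {"Challenge, Status", "Political Gain", "Financial Gain", "Damage"},
}

def validate(record):
    """Return (normalized record, problems); no problems means a valid path."""
    norm, problems = {}, [f"unknown column {c!r}" for c in record if c not in TAXONOMY]
    for column, allowed in TAXONOMY.items():
        chosen = record.get(column) or []
        norm[column] = [chosen] if isinstance(chosen, str) else list(chosen)
        if not norm[column]:
            problems.append(f"{column}: no value chosen")
        problems += [f"{column}: unknown value {v!r}" for v in norm[column] if v not in allowed]
    return norm, problems

def profile(incidents):
    """Tally taxonomy values over valid records; return (counts, rejected)."""
    counts, rejected = {c: Counter() for c in TAXONOMY}, {}
    for incident_id, record in incidents:
        norm, problems = validate(record)
        if problems:
            rejected[incident_id] = problems
        else:
            for column, values in norm.items():
                counts[column].update(values)
    return counts, rejected

INCIDENTS = [  # constructed sample records, not data from the dissertation
    ("inc-001", {"attacker": "Hackers", "tool": "Script or Program", "target": "Files",
                 "vulnerability": "Configuration Vulnerability", "access": "Unauthorized Access",
                 "result": "Disclosure of Information", "objective": "Challenge, Status"}),
    ("inc-002", {"attacker": "Vandals", "tool": ["Toolkit", "Distributed Tool"],
                 "vulnerability": "Design Vulnerability", "access": "Unauthorized Use",
                 "target": "Data in Transit", "result": "Denial-of-service", "objective": "Damage"}),
    ("inc-003", {"attacker": "Spies", "tool": "Phishing"}),  # invalid on purpose
]
```

Calling `profile(INCIDENTS)` returns per-column tallies for the two valid records and, for `inc-003`, the list of reasons it does not fit the taxonomy.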
Other taxonomies
Landwehr C.E., Bull A.R., McDermott J.P., Choi W.S.:
A taxonomy of computer program security flaws.
ACM Computing Surveys, Vol. 26, No. 3 (Sept. 1994), pp. 211-254.
Abstract:
An organized record of actual flaws can be useful to computer system
designers, programmers, analysts, administrators, and users. This
survey provides a taxonomy for computer program security flaws, with
an Appendix that documents 50 actual security flaws. These flaws have
all been described previously in the open literature, but in widely
separated places. For those new to the field of computer security,
they provide a good introduction to the characteristics of security
flaws and how they can arise. Because these flaws were not randomly
selected from a valid statistical sample of such flaws, we make no
strong claims concerning the likely distribution of actual security
flaws within the taxonomy. However, this method of organizing security
flaw data can help those who have custody of more representative
samples to organize them and to focus their efforts to remove and,
eventually, to prevent the introduction of security flaws.
Taimur Aslam's MS thesis from 1995:
A Taxonomy of Security Faults in the Unix Operating System
(see especially page 39).
A shorter version on the same topic (from 1996, 10 pages).