A Taxonomy of Network and Computer Attack Methodologies (2003)
AuthorsHansman, Simonshow all
Since the invention of computers and networks, people have found various ways to attack them. Attacks over the years have ranged from using a sledge hammer on a computer, to advanced distributed denial of service attacks. This research focuses on computer and network attacks and providing a taxonomy of them. This is to help combat new attacks, improve computer and network security and to provide consistency in language when describing attacks. A wide range of computer and network attacks are examined to provide both a survey of the field and to provide a basis on which to build the proposed taxonomy. The proposed taxonomy consists of four dimensions which provide a holistic taxonomy and to deal with inherent problems in the computer and network attack field. The first dimension covers the attack vector and the main behaviour of the attack. The second dimension allows for classification of the attack targets. Vulnerabilities are classified in the third dimension and payloads in the fourth. The taxonomy is briefly evaluated and is found to work well, with a few areas that could be improved.