A Revised Attack Taxonomy for a New Generation of Smart Attacks

Robert Koch, Mario Golling, Gabi Dreo Rodosek

Abstract


The last years have seen an unprecedented amount of attacks. Intrusions on IT-Systems are rising constantly - both from a quantitative as well as a qualitative point of view. Well-known examples like the hack of the Sony Playstation Network or the compromise of RSA are just some samples of high-quality attack vectors. Since these Smart Attacks are specifically designed to permeate state of the art technologies, current systems like Intrusion Detection Systems (IDSs) are failing to guarantee an adequate protection. In order to improve the protection, a comprehensive analysis of Smart Attacks needs to be performed to provide a basis against emerging threats.Following these ideas and inspired by the original definition of the term Advanced Persistent Threat (APT) given by U.S. Department of Defense, this publication starts with defining the terms, primarily the group of Smart Attacks. Thereafter, individual facets of Smart Attacks are presented in more detail, before recent examples are illustrated and classified using these dimensions. Next to this, current taxonomies are presented including their individual shortcomings. Our revised taxonomy is introduced, specifically addressing the latest generation of Smart Attacks. The different classes of our taxonomy are discussed, showing how to address the specifics of sophisticated, modern attacks. Finally, some ideas of addressing Smart Attacks are presented.


Full Text: PDF DOI: 10.5539/cis.v7n3p18

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

Computer and Information Science   ISSN 1913-8989 (Print)   ISSN 1913-8997 (Online)
Copyright © Canadian Center of Science and Education

To make sure that you can receive messages from us, please add the 'ccsenet.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.