This paper presents a classification of intrusions with respect to the technique as well the result. The taxonomy is intended to be a step on the road to an established taxonomy of intrusions for use in incident reporting, statistics, warning bulletins, intrusion detection systems etc. Unlike previous schemes, it takes the viewpoint of the system owner and should therefore be suitable to a wider community than that of system developers and vendors only. It is based on data from a realistic intrusion experiment, a fact that supports the practical applicability of the scheme. The paper also discusses general aspects of classification, and introduces a concept called dimension. After having made a broad survey of previous work in the field, we decided to base our classification of intrusion techniques on a scheme proposed by Neumann and Parker (1989) and to further refine relevant parts of their scheme. Our classification of intrusion results is derived from the traditional three aspects of computer security: confidentiality, availability and integrity.
展开▼
机译:本文介绍了关于该技术的侵入的分类。结果。分类法旨在成为用于事件报告,统计,警告公告,入侵检测系统等的建立的入侵分类道路的一步。与之前的方案不同,它需要系统所有者的观点,因此应该是合适的对于更广泛的社区而不是系统开发人员和供应商的社区。它基于来自现实入侵实验的数据,这是支持该方案的实际适用性的事实。本文还讨论了分类的一般方面,并引入了一个称为维度的概念。在对该领域进行了广泛的调查后,我们决定基于Neumann and Parker(1989)提出的计划的入侵技巧分类,并进一步细化其计划的相关部分。我们的入侵结果分类来自于计算机安全的传统三个方面:机密性,可用性和完整性。
展开▼
