Threat Taxonomy
From SentryOutpost
Networked Threats and Computer Insecurity
The topic of "networked threats" includes a huge variety of vulnerabilities, exploits and criminal behavior involving networked computing devices and the data those machines hold. Individual academic and professional practices studying these effects have typically built their own threat taxonomies limited to their specific spheres of study; synthesizing these viewpoints holistically is, in itself, a challenge. For a good overview of the huge variety of subjects involved in this field of study, please see the Wikipedia entries on "computer insecurity," "security exploits," and "computer security".
Over the years, the Sentries have frequently relied upon a four-part taxonomy of threats:
System Exploits
Threats targeting mass-produced security holes in hardware, software and protocol designs. Examples of system exploit techniques include computer hacking (gaining access to systems through security holes), denial of service attacks (flooding machines with requests from multiple attacking machines), and malware (malicious software developed for doing harm).
Some Whitepapers and Research:
Webcast: Understanding Malware and How it Threatens Your Business (March 2007)
Malware: A Moving Target (February 2007)
Temporal Search: Detecting Hidden Malware Timebombs with Virtual Machines (October 2006)
Botnets: Proactive System Defense (June 2006)
An Inside Look at Botnets (2006?)
Social Exploits
Threats targeting behavior errors by people in networked environments. More general information can be found in the Social Engineering entry at Wikipedia. Examples of social exploit techniques include phishing (fraudulently acquiring sensitive information) and Trojans (malicious programs disguised as other kinds of software).
Some Whitepapers and Research:
The Threat of Social Engineering and Your Defense Against It (April 2007)
Behavioral Modeling of Social Engineering-Based Malicious Software (October 2006)
Computerworld: Hacker Mitnick preaches social engineering awareness (July 2005)
Data Exploits
Threats targeting data flow and storage schemas, including such techniques as packet sniffing (intercepting data in transit), tools developed to defeat copy prevention, and digital forms of counterfeiting.
Documentation Exploits
Threats targeting the retrieval of data documented in non-digital forms. Examples of documentation exploit techniques include a variety of crimes that could be described as mail fraud or wire fraud, as well as identity theft involving records obtained through dumpster diving.