How to Systematically Classify Computer Security Intrusions

Oakland, CA May 04-May 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601330

1997 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ulf Lindqvist Articles by Erland Jonsson

	ASCII Text	x
	Ulf Lindqvist, Erland Jonsson, "How to Systematically Classify Computer Security Intrusions," Security and Privacy, IEEE Symposium on, pp. 0154, 1997 IEEE Symposium on Security and Privacy, 1997.

	BibTex	x
	@article{ 10.1109/SECPRI.1997.601330, author = {Ulf Lindqvist and Erland Jonsson}, title = {How to Systematically Classify Computer Security Intrusions}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {1997}, issn = {1540-7993}, pages = {0154}, doi = {http://doi.ieeecomputersociety.org/10.1109/SECPRI.1997.601330}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - How to Systematically Classify Computer Security Intrusions SN - 1540-7993 SP EP A1 - Ulf Lindqvist, A1 - Erland Jonsson, PY - 1997 KW - Computers KW - Security KW - Intrusion KW - Classification KW - Taxonomy KW - Experiment KW - Intrusion Detection VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Ulf Lindqvist, Chalmers University of Technology

Erland Jonsson, Chalmers University of Technology

This paper presents a classification of intrusions with respect to technique as well as to result. The taxonomy is intended to be a step on the road to an established taxonomy of intrusions for use in incident reporting, statistics, warning bulletins, intrusion detection systems etc. Unlike previous schemes, it takes the viewpoint of the system owner and should therefore be suitable to a wider community than that of system developers and vendors only. It is based on data from a realistic intrusion experiment, a fact that supports the practical applicability of the scheme. The paper also discusses general aspects of classification, and introduces a concept called dimension. After having made a broad survey of previous work in the field, we decided to base our classification of intrusion techniques on a scheme proposed by Neumann and Parker in 1989 and to further refine relevant parts of their scheme. Our classification of intrusion results is derived from the traditional three aspects of computer security: confidentiality, availability and integrity.

Index Terms:

Computers, Security, Intrusion, Classification, Taxonomy, Experiment, Intrusion Detection

Citation:

Ulf Lindqvist, Erland Jonsson, "How to Systematically Classify Computer Security Intrusions," sp, pp.0154, 1997 IEEE Symposium on Security and Privacy, 1997

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.