Towards Robust Cyber Attack Taxonomies: A Survey with Requirements, Structures, and Assessment

IF 23.8 | Zone 1, Computer Science | Q1 COMPUTER SCIENCE, THEORY & METHODS
Paulo Roberto da Paz Ferraz Santos, Paulo Angelo Alves Resende, João José Costa Gondim, André Costa Drummond
Journal: ACM Computing Surveys (volume 67 1). Publication date: 2025-02-13. Publication type: Journal Article. DOI: 10.1145/3717606 (https://doi.org/10.1145/3717606)
Citations: 0

Abstract

Cyber attacks have become a growing threat in today’s interconnected society, and taxonomies play a crucial role in understanding and preventing these attacks. However, the lack of comprehensive assessment methods for evaluating attack taxonomies represents a significant gap in the literature, hindering their development and applicability. This paper aims to address this gap by conducting a survey of 20 attack taxonomies published between 2011 and 2022 and evaluating them with a novel set of qualitative and quantitative assessment criteria, grounded in fundamental taxonomy requirements and key structural attributes. In pursuit of clear and objective assessment criteria, the authors investigated the main taxonomy properties in the literature, identifying dependencies and relationships. This investigation extracted the fundamental requirements for a relevant and widely accepted attack taxonomy in the cybersecurity community. Noteworthy structural aspects, such as organization, scheme, labeling, and approach, are also addressed, considering their impact on taxonomy effectiveness and applicability constraints. Finally, the paper poses some open questions and challenges, along with suggestions for future research directions.
Source journal: ACM Computing Surveys
Category: Engineering & Technology - Computer Science: Theory & Methods
CiteScore: 33.20
Self-citation rate: 0.60%
Articles published: 372
Review time: 12 months
Journal description: ACM Computing Surveys is an academic journal that focuses on publishing surveys and tutorials on various areas of computing research and practice. The journal aims to provide comprehensive and easily understandable articles that guide readers through the literature and help them understand topics outside their specialties. In terms of impact, CSUR has a high reputation with a 2022 Impact Factor of 16.6. It is ranked 3rd out of 111 journals in the field of Computer Science Theory & Methods. ACM Computing Surveys is indexed and abstracted in various services, including AI2 Semantic Scholar, Baidu, Clarivate/ISI: JCR, CNKI, DeepDyve, DTU, EBSCO: EDS/HOST, and IET Inspec, among others.