Carlo Marcelo Revoredo da Silva, Ricardo Batista Rodrigues, R. D. Queiroz, V. Garcia, Jose Silva, Daniel Gatti, R. Assad, L. Nascimento, K. Brito, P. Miranda
{"title":"对网络生态系统的安全威胁进行分类","authors":"Carlo Marcelo Revoredo da Silva, Ricardo Batista Rodrigues, R. D. Queiroz, V. Garcia, Jose Silva, Daniel Gatti, R. Assad, L. Nascimento, K. Brito, P. Miranda","doi":"10.1109/NOMS.2016.7502862","DOIUrl":null,"url":null,"abstract":"The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes a classification model based on 21 vectors divided into 8 distinct security threats, making use of levels of abstraction and criteria for discrimination which consider propagation and similarity in vulnerabilities. We also propose to estimate the risk factor and impacts on assets, considering data breaches, human aspects and service reliability. In addition, we validate the taxonomic model proposed through the catalogues of attacks facing the public. Thus, it was possible to observe its applicability for most of the attacks which appear before the public.","PeriodicalId":344879,"journal":{"name":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Towards a taxonomy for security threats on the web ecosystem\",\"authors\":\"Carlo Marcelo Revoredo da Silva, Ricardo Batista Rodrigues, R. D. Queiroz, V. Garcia, Jose Silva, Daniel Gatti, R. Assad, L. Nascimento, K. Brito, P. Miranda\",\"doi\":\"10.1109/NOMS.2016.7502862\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes a classification model based on 21 vectors divided into 8 distinct security threats, making use of levels of abstraction and criteria for discrimination which consider propagation and similarity in vulnerabilities. We also propose to estimate the risk factor and impacts on assets, considering data breaches, human aspects and service reliability. In addition, we validate the taxonomic model proposed through the catalogues of attacks facing the public. Thus, it was possible to observe its applicability for most of the attacks which appear before the public.\",\"PeriodicalId\":344879,\"journal\":{\"name\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-04-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NOMS.2016.7502862\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NOMS.2016.7502862","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards a taxonomy for security threats on the web ecosystem
The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes a classification model based on 21 vectors divided into 8 distinct security threats, making use of levels of abstraction and criteria for discrimination which consider propagation and similarity in vulnerabilities. We also propose to estimate the risk factor and impacts on assets, considering data breaches, human aspects and service reliability. In addition, we validate the taxonomic model proposed through the catalogues of attacks facing the public. Thus, it was possible to observe its applicability for most of the attacks which appear before the public.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
