An Analysis of Cyber Security Attack Taxonomies

Associated organisational units

Text available via DOI:

https://doi.org/10.1109/EuroSPW.2018.00028
Final published version

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review

Published

Publication date	27/04/2018
Host publication	Workshop on Safety & Security aSSurance for Critical Infrastructures Protection
Publisher	IEEE
Pages	153-161
Number of pages	9
ISBN (electronic)	9781538654453
<mark>Original language</mark>	English
Event	Workshop on Safety & Security aSSurance for Critical Infrastructures Protection - http://www.dimat.unina2.it/marrone/s4cip18.html, London, United Kingdom Duration: 27/04/2018 → … Conference number: 3

Workshop

Workshop	Workshop on Safety & Security aSSurance for Critical Infrastructures Protection
Abbreviated title	S4CIP
Country/Territory	United Kingdom
City	London
Period	27/04/18 → …

Workshop

Workshop	Workshop on Safety & Security aSSurance for Critical Infrastructures Protection
Abbreviated title	S4CIP
Country/Territory	United Kingdom
City	London
Period	27/04/18 → …

Abstract

Taxonomies have been developed as a mechanism for cyber attack categorisation. However, when one considers the recent and rapid evolution of attacker techniques and targets, the applicability and effectiveness of these taxonomies should be questioned. This paper applies two approaches to
the evaluation of seven taxonomies. The first employs a criteria set, derived through analysis of existing works in which critical components to the creation of taxonomies are defined. The
second applies historical attack data to each taxonomy under review, more specifically, attacks in which industrial control systems have been targeted. This combined approach allows for a more in-depth understanding of existing taxonomies to be developed, from both a theoretical and practical perspective.

Research

Associated organisational units

Links

Text available via DOI: