Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - An Analysis of Cyber Security Attack Taxonomies
AU - Derbyshire, Ric
AU - Green, Benjamin
AU - Mauthe, Andreas Ulrich
AU - Busby, Jeremy Simon
AU - Hutchison, David
N1 - Conference code: 3
PY - 2018/4/27
Y1 - 2018/4/27
N2 - Taxonomies have been developed as a mechanism for cyber attack categorisation. However, when one considers the recent and rapid evolution of attacker techniques and targets, the applicability and effectiveness of these taxonomies should be questioned. This paper applies two approaches tothe evaluation of seven taxonomies. The first employs a criteria set, derived through analysis of existing works in which critical components to the creation of taxonomies are defined. Thesecond applies historical attack data to each taxonomy under review, more specifically, attacks in which industrial control systems have been targeted. This combined approach allows for a more in-depth understanding of existing taxonomies to be developed, from both a theoretical and practical perspective.
AB - Taxonomies have been developed as a mechanism for cyber attack categorisation. However, when one considers the recent and rapid evolution of attacker techniques and targets, the applicability and effectiveness of these taxonomies should be questioned. This paper applies two approaches tothe evaluation of seven taxonomies. The first employs a criteria set, derived through analysis of existing works in which critical components to the creation of taxonomies are defined. Thesecond applies historical attack data to each taxonomy under review, more specifically, attacks in which industrial control systems have been targeted. This combined approach allows for a more in-depth understanding of existing taxonomies to be developed, from both a theoretical and practical perspective.
U2 - 10.1109/EuroSPW.2018.00028
DO - 10.1109/EuroSPW.2018.00028
M3 - Conference contribution/Paper
SP - 153
EP - 161
BT - Workshop on Safety & Security aSSurance for Critical Infrastructures Protection
PB - IEEE
T2 - Workshop on Safety & Security aSSurance for Critical Infrastructures Protection
Y2 - 27 April 2018
ER -