Home > Research > Publications & Outputs > An Analysis of Cyber Security Attack Taxonomies

Links

Text available via DOI:

View graph of relations

An Analysis of Cyber Security Attack Taxonomies

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published
Publication date27/04/2018
Host publicationWorkshop on Safety & Security aSSurance for Critical Infrastructures Protection
PublisherIEEE
Pages153-161
Number of pages9
ISBN (Electronic)9781538654453
<mark>Original language</mark>English
EventWorkshop on Safety & Security aSSurance for Critical Infrastructures Protection - http://www.dimat.unina2.it/marrone/s4cip18.html, London, United Kingdom
Duration: 27/04/2018 → …
Conference number: 3

Workshop

WorkshopWorkshop on Safety & Security aSSurance for Critical Infrastructures Protection
Abbreviated titleS4CIP
Country/TerritoryUnited Kingdom
CityLondon
Period27/04/18 → …

Workshop

WorkshopWorkshop on Safety & Security aSSurance for Critical Infrastructures Protection
Abbreviated titleS4CIP
Country/TerritoryUnited Kingdom
CityLondon
Period27/04/18 → …

Abstract

Taxonomies have been developed as a mechanism for cyber attack categorisation. However, when one considers the recent and rapid evolution of attacker techniques and targets, the applicability and effectiveness of these taxonomies should be questioned. This paper applies two approaches to
the evaluation of seven taxonomies. The first employs a criteria set, derived through analysis of existing works in which critical components to the creation of taxonomies are defined. The
second applies historical attack data to each taxonomy under review, more specifically, attacks in which industrial control systems have been targeted. This combined approach allows for a more in-depth understanding of existing taxonomies to be developed, from both a theoretical and practical perspective.