A Novel Approach for Network Attack Classification Based on Sequential Questions

04/01/2018
by   Md Mehedi Hassan Onik, et al.
0

With the development of incipient technologies, user devices becoming more exposed and ill-used by foes. In upcoming decades, traditional security measures will not be sufficient enough to handle this huge threat towards distributed hardware and software. Lack of standard network attack taxonomy has become an indispensable dispute on developing a clear understanding about the attacks in order to have an operative protection mechanism. Present attack categorization techniques protect a specific group of threat which has either messed the entire taxonomy structure or ambiguous when one network attacks get blended with few others attacks. Hence, this raises concerns about developing a common and general purpose taxonomy. In this study, a sequential question-answer based model of categorization is proposed. In this article, an intrusion detection framework and threat grouping schema are proposed on the basis of four sequential questions (Who, Where, How and What). We have used our method for classifying traditional network attacks in order to identify initiator, source, attack style and seriousness of an attack. Another focus of the paper is to provide a preventive list of actions for network administrator as a guideline to reduce overall attack consequence. Recommended taxonomy is designed to detect common attacks rather than any particular type of attack which can have a practical effect in real life attack classification. From the analysis of the classifications obtained from few infamous attacks, it is obvious that the proposed system holds certain benefits related to the prevailing taxonomies. Future research directions have also been well acknowledged.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
07/15/2020

A Survey of Privacy Attacks in Machine Learning

As machine learning becomes more widely used, the need to study its impl...
research
09/15/2018

What's in a Downgrade? A Taxonomy of Downgrade Attacks in the TLS Protocol and Application Protocols Using TLS

A number of important real-world protocols including the Transport Layer...
research
10/29/2002

Encoding a Taxonomy of Web Attacks with Different-Length Vectors

Web attacks, i.e. attacks exclusively using the HTTP protocol, are rapid...
research
05/11/2020

Threat modeling framework for mobile communication systems

Due to the complex nature of mobile communication systems, most of the s...
research
05/04/2018

Insight into Insiders: A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures

Insider threats are one of today's most challenging cybersecurity issues...
research
03/31/2021

Anomaly-Based Intrusion Detection by Machine Learning: A Case Study on Probing Attacks to an Institutional Network

Cyber attacks constitute a significant threat to organizations with impl...
research
09/20/2023

Trojan Taxonomy in Quantum Computing

Quantum computing introduces unfamiliar security vulnerabilities demandi...

Please sign up or login with your details

Forgot password? Click here to reset