Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Attack92:

    Name:kiting

    Complexity: The complexity of kiting schemes has not been mathematically analyzed in published literature to date, but indications from actual cases are that substantial computing power is required to track substantial kiting schemes. The first case where such a scheme was detected and prosecuted was detected because the kiter's computer failed for a long enough period of time that the set of transactions and delays could no longer be tracked - the kite fell out of the sky.
    fc@red.a.net

    Related Database Material

    [TBVProcessing - Relates to Processing]
    [TBVMalicious - Relates to Malicious]
    [TBVUsage - Relates to Usage]
    [PDRIntegrity - Relates to Integrity]
    [PDRDemonstrated - Relates to Demonstrated]
    [PLSSystemic - Relates to Systemic]
    [Threat1 - insiders]
    [Threat4 - consultants]
    [Threat6 - customers]
    [Threat7 - Fraudsters]
    [Threat14 - tiger teams]
    [Threat16 - professional thieves]
    [Threat23 - drug cartels]
    [Threat28 - government agencies]
    [Threat30 - economic rivals]
    [Threat31 - nation states]
    [Threat32 - global coalitions]
    [Threat33 - military organizations]
    [Threat35 - information warriors]
    [Defense54 - accountability]
    [Defense32 - anomaly detection]
    [Defense30 - audit analysis]
    [Defense29 - auditing]
    [Defense33 - capture and punishment]
    [Defense72 - detailed audit]
    [Defense38 - financial situation checking]
    [Defense14 - human intervention after detection]
    [Defense119 - individual accountability for all assets and actions]
    [Defense127 - integration principle (GASSP)]
    [Defense130 - internal control principle (GASSP)]
    [Defense79 - inventory control]
    [Defense59 - lockouts]
    [Defense31 - misuse detection]
    [Defense66 - noise injection]
    [Defense69 - path diversity]
    [Defense128 - timeliness principle (GASSP)]
    [Defense95 - traps]