Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense99:

    Name:deceptions

    Complexity: Deceptions are one of the most interesting areas of information protection but little has been done on the specifics of the complexity of carrying out deceptions. Some work has been done on detecting imperfect deceptions.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRDetect - Relates to Detect]
    [PDRReact - Relates to React]
    [PDRIntegrity - Relates to Integrity]
    [PDRWidespread - Relates to Widespread]
    [PLSLogical - Relates to Logical]
    [ManAlManagement - Relates to Management]
    [ManAlPolicy - Relates to Policy]
    [ManAlStandards - Relates to Standards]
    [ManAlProcedures - Relates to Procedures]
    [ManAlDocumentation - Relates to Documentation]
    [ManAlAudit - Relates to Audit]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlIncident - Relates to Incident]
    [ManAlLegal - Relates to Legal]
    [ManAlPhysical - Relates to Physical]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack30 - bribes and extortion]
    [Attack32 - password guessing]
    [Attack39 - modeling mismatches]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack53 - repair-replace-remove information]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack67 - error-induced mis-operation]
    [Attack69 - induced stress failures]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack75 - selected plaintext]
    [Attack77 - cryptanalysis]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack88 - collaborative misuse]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack94 - repudiation]