[Cohen98] Fred Cohen, Cynthia Phillips, Laura Painton Swiler,
Timothy Gaylor, Patricia Leary, Fran Rupley, Richard Isler, and Eli Dart, A Preliminary Classification Scheme for Information System Threats,
Attacks, and Defenses; A Cause and Effect Model; and Some Analysis Based
on That Model, [This paper (placed at the end for readability) describes
37 different types of actors that may Cause Information System Failure
(Threats), 94 different Mechanisms by Which Information Systems are
Caused to Fail (Attacks), and 140 different Mechanisms Which May
Prevent, Limit, Reduce, or Mitigate Harm (Defenses). We describe a
cause-effect model of information system attacks and defenses based on
the notions that particular threats use particular attacks to cause
desired consequences and successful defenders use particular defensive
measures to defend successfully against those attacks and thus limit the
consequences. Human defenders and attackers also use a variety of
different viewpoints to understand and analyze their attacks and
defenses, and this notion is also brought to bear. We then describe
some analytical methods by which this model may be analyzed to derive
useful information from available and uncertain information. This
useful information can then be applied to meeting the needs of defenders
(or, if turned on its head, attackers) to find effective and minimal cost
defenses (or attacks) on information systems. Next we consider the
extension of this method to networks and describe a system that
implements some of these notions in an experimental testbed called
HEAT.]
fc@red.all.net