Security incidents on the Internet, 1989--1995
This paper presents an analysis of trends in Internet security based on an investigation of 4,299 Internet security-related incidents reported to the CERT{reg_sign} Coordination Center (CERT{reg_sign}/CC) from 1989 through 1995. Prior to this research, knowledge of actual Internet security incidents was limited and primarily anecdotal. This research: (1) developed a taxonomy to classify Internet attacks and incidents, (2) organized, classified, and analyzed CERT{reg_sign}/CC incident records, (3) summarized the relative frequency of the use of tools and vulnerabilities, success in achieving access, and results of attacks, (4) estimated total Internet incident activity, (5) developed recommendations for Internet users and suppliers, and (6) developed recommendations for future research. With the exception of denial-of-service attacks, security incidents were found to be increasing at a rate less than Internet growth. Estimates showed that most, if not all, severe incidents were reported to the CERT{reg_sign}/CC, and that more than one out of three above average incidents (in terms of duration and number of sites) were reported. Estimates also indicated that a typical Internet site was involved in, at most, around one incident (of any kind) per year, and a typical Internet host in, at most, around one incident in 45 years. The probability of unauthorized privileged access was around an order of magnitude less likely. As a result, simple and reasonable security precautions should be sufficient for most Internet users.
Year of publication: |
2011-11-10
|
---|---|
Authors: | Howard, J.D. |
Subject: | mathematics, computers, information science, management, law, miscellaneous | INTERNET | SECURITY | HUMAN INTRUSION | CLASSIFICATION | RECOMMENDATIONS |
Saved in:
freely available
Saved in favorites
Similar items by subject
-
Evaluating the risk of industrial espionage
Bott, T.F., (2009)
-
Directory Enabled Policy Based Networking
KELIIAA, CURTIS M., (2008)
-
Frank, J.R., (2009)
- More ...