Addressing internet security vulnerabilities a benchmarking study

IFIP Advances in Information and Communication Technology

Volumn 86, Issue , 2002, Pages 121-132

  Alayed, A ^a   Fvrnell, S M ^a   Barlow, I M ^a  

^a UNIVERSITY OF PLYMOUTH   (United Kingdom)

Author keywords

Advisories; ExplOits; Vulnerability

Indexed keywords

SECURITY OF DATA;

INTERNET SECURITY; IT ENVIRONMENTS; REFERENCE ENVIRONMENTS; SYSTEM ADMINISTRATORS;

BENCHMARKING;

EID: 0242283056     PISSN: 18684238     EISSN: 1868422X     Source Type: Book Series    
DOI: 10.1007/978-0-387-35586-3_9     Document Type: Conference Paper

References (17)

1. SANS Institute. 2001. “How To Eliminate The Ten Most Critical Internet Security Threats”, Version 1.32, January 182001. http://www.sans.org/topten.htm
2. Computer Security Institute. 2000. “2000 CSIIFBI Computer Crime and Security Survey”, Computer Security Issues & Trends, vol. 6, no. 1. Spring 2000.
3. Microsoft Corporation. 2000. “The Definition of a Security Vulnerability”, http://www.microsoft.comltechnet/secrity/vulnrbl.asp. December 2000.
4. Longstaff, T.A, Ellis, J.T., Heman, S.V., Lipson, H.F., McMillan, R.D., Pesante, L.H. and Simmel, D. 1997. “Security of the Internet”, The FroehlichlKent Encyclopedia of Telecommunications, vol. IS. Marcel Dekker, New York: Pp.231-255.
5. Arbaugh, W.A., Fithen, W.L., and McHugh, J. 2000. “Windows of Vulnerability: A Case Study Analysis”, IEEE Computer, vol. 33, no. 12, pp52-59.
6. Noack, D. 2000. “The Back Door Into Cyber-Terrorism”, APBnews.com, 2 June 2000.
7. Furnell, S.M., Chiliarchaki, P. and Dowland, P.S. 2001. “Security analysers: Administrator Assistants or Hacker Helpers?”, Information Management and Computer Security, vol. 9, no.2: 93-101.
8. CERT/CC. 2001. “The CERT Coordination Center FAQ”, CERT Coordination Center, http://www.cert.org/faq/certjaq.html, May 2001.
9. CVE. 2000. “Introduction to CVE, The Key to Information Sharing”, MITRE Corporation. http://cve.mitre.org/docsldocs2000/key_to_info_shar.pdf
10. CVE. 2001. “CVE (version 20010507)”. Mitre Corporation. http://cve.mitre.org/cve/downloads/full-cve.html
11. Hafner, K and Markoff, J. 1991. Cyberpunk: Outlaws and Hackers on the Computer Frontier. Fourth Estate Limited.
12. CERT/CC. 2001. “CERT/CC Statistics 1988-2001”, CERT Coordination Center, http://www.cert.org/stats/cert_stats.html, Jun 2001.
13. Security Focus. 2001. “BUGTRAQ Vulnerability Database Statistics”, http://www.securityfocus.comlvdb/stats.html. Jun 2001.
14. CSI. 2001. ‘2001 CSIIFBI Computer Crime and Security Survey’, Computer Security Issues & Trends, vol. 7, no. 1. Computer Security Institute. Spring 2001.
15. CNET. 2001. “Patchwork Security-Software “fixes” routinely available but often ignored”, CNET News.com report. 24 January 2001. http://news.cnet.comlnews/O-1007-201-4578373-0.html
16. eEye-Digital Security. 2001. “Retina: The Network Security Scanner”, http://www.eeye.comlhtml/assetslpdf/retinawhitepaper.pdf
17. Forristal, J. and Shipley, G. 2001. “Vulnerability Assessment Scanners: Detection Result”, Network Computing, http://www.networkcomputing.comlI2011120IflbI.html