Cyberattacks: Why, what, who, and how

IT Professional

Volumn 11, Issue 3, 2009, Pages 14-21

  Liu, Simon ^a,c   Cheng, Bruce ^a,b  

^a NATIONAL INSTITUTES OF HEALTH   (United States)

^b Computer Sciences Corporation ^*  (United States)

^c JOHNS HOPKINS UNIVERSITY SCHOOL OF MEDICINE   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ATTACK PATTERNS; BUSINESS OPERATION; CYBER SECURITY; CYBER-ATTACKS;

EID: 67649651686     PISSN: 15209202     EISSN: None     Source Type: Journal    
DOI: 10.1109/MITP.2009.46     Document Type: Article

References (15)

1. C. E. Lindner, Information Security Primer, SANS Inst., 2001; www.sans.org/reading-room/whitepapers/basics/443.php.
2. I. M. Boyd, The Fundamentals of Computer Hacking, SANS Inst., 2000; www.sans.org/reading-room/whitepapers/hackers/956.php.
3. M. Poulin, Hacking: The Basics, SANS Inst., 2006; www.sans.org/reading-room/whitepapers/hackers/955.php.
4. H. Ju, K. Honkaniemi, and T. Svangård, "Wired Equivalent Privacy: A Memorandum in Secure Computer Systems, " Uppsala Univ., 2009; http://74.125.93.104/search?q=cache:TcdYggXQZHUJ:www.it.uu.se/edu/course/ homepage/sakdat/vt09/pm/programme/wep. pdf+Wired+Equivalent+Privacy+CRC32& cd=4&hl=en&ct=clnk&gl=us&client=firefox-a.
5. National Information Assurance Glossary, CNSSI-4009, Committee on Nat'l Security Systems, June 2006; www.cnss.gov/Assets/pdf/cnssi-4009.pdf.
6. M. Allen, Social Engineering: A Meansto Violate a Comput - er System, SANS Inst., 2007; www.sans.org/reading-room/whitepapers/engineering/ 529.php.
7. R. Kissel, Glossary of Key Information Security Terms, N I S T IR 7298, US Nat'l Inst. Standards and Tech., 2006; http://csrc.nist.gov/ publications/nistir/NISTIR-298-Glossary-Key-Infor-Security-Terms.pdf.
8. Technology Assessment: Cybersecurity for Critical Infrastructure Protection, GAO-04-0321, US Gov't Accountability Office, 2004; www.gao.gov/new.items/d04321. pdf.
9. M. Rogers, Preliminary Findings: Understanding Criminal Computer Behavior: A Personality Trait and Moral Choice Analysis, Purdue Univ., 2003; http://homes.cerias. purdue.edu/~mkr/.
10. M. Rogers, A New Hacker Taxonomy, Purdue Univ., 2000; http://homes.cerias.purdue.edu/~mkr/.
11. Technology Assessment: Cybersecurity for Critical Infrastructure Protection, tech. report GAO-04-0321, US Government Accountability Office, 2004; www.gao. gov/new.items/d04321.pdf.
12. T. Wilson, "Eight Faces of a Hacker, " Information Week, 29 Mar. 2007; www.darkreading.com/document.asp?doc-id=120800&page-number=1, 29.
13. M. Shepherd, "Windows Security Patch Management Case Study: Using Software Update Services to Deploy Critical Windows Updates, " SANS Inst., 2005; www.sans.org/reading-room/whitepapers/windows/windows-security- patch-management-case-study-using-software-update-services-to-deploy-critical- windows-updates-1588.
14. D. Scott and R. Sharp, "Specifying and Enforcing Application-Level Web Security Policies, " IEEE Trans. Knowledge and Data Eng., vol. 15, no. 4, 2003, pp. 771-783.
15. J. Wheatman and P. E. Proctor, "Highlights from Black Hat 2008: Virtualization and Web Applications Remain High-Profile Security Issues, " Gartner Group, 2008; www.gartner.com/DisplayDocument?doc-cd=160889&ref=g- rss.