Mapping the Most Significant Computer Hacking Events to a Temporal Computer Attack Model

  • Renier van Heerden
  • Heloise Pieterse
  • Barry Irwin
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 386)

Abstract

This paper presents eight of the most significant computer hacking events (also known as computer attacks). These events were selected because of their unique impact, methodology, or other properties. A temporal computer attack model is presented that can be used to model computer-based attacks. The model consists of the following stages: Target Identification, Reconnaissance, Attack, and Post-Attack Reconnaissance. The Attack stage is further divided into Ramp-up, Damage and Residue. This paper demonstrates how the eight significant hacking events map to the temporal computer attack model. The model becomes a valuable asset in the protection of critical infrastructure because it makes it possible to detect similar attacks earlier.

Keywords

computer attack model ontology network attack prediction 

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Renier van Heerden (1, 2)
  • Heloise Pieterse (1)
  • Barry Irwin (2)

  1. Council for Scientific and Industrial Research, Pretoria, South Africa
  2. Rhodes University, Grahamstown, South Africa
