A Taxonomy for Network Vulnerabilities
The number of reported vulnerabilities is dramatically rising every year. In addition, the combination of different kinds of network devices, services and applications in a complex manner lead to increase the complexity of vulnerabilities. Increasing the number of vulnerabilities and their complicat...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Iran Telecom Research Center
2010-03-01
|
Series: | International Journal of Information and Communication Technology Research |
Subjects: | |
Online Access: | http://ijict.itrc.ac.ir/article-1-269-en.html |
_version_ | 1811169288904507392 |
---|---|
author | Sara Hajian Faramarz Hendessi Mehdi Berenjkoub |
author_facet | Sara Hajian Faramarz Hendessi Mehdi Berenjkoub |
author_sort | Sara Hajian |
collection | DOAJ |
description | The number of reported vulnerabilities is dramatically rising every year. In addition, the combination of different kinds of network devices, services and applications in a complex manner lead to increase the complexity of vulnerabilities. Increasing the number of vulnerabilities and their complications show the importance of vulnerability taxonomies which could provide a common language for defining vulnerabilities and help analyze and assess them. Both the advantages of using vulnerability taxonomies and the features of the taxonomies that have ever been suggested encouraged us to offer the new network vulnerability taxonomy. Our proposed taxonomy is a multidimensional and hierarchical taxonomy which classifies network vulnerabilities based on their location, cause and impact. These are three dimensions of our taxonomy. We use ITU-T X-805 security architecture to provide a comprehensive layered classification for the location dimension and also use common weakness enumeration (CWE) project to provide a complete layered classification for the cause dimension of the proposed taxonomy. Finally, we evaluate our taxonomy based on taxonomy requirements. In addition, to demonstrate the usefulness of our taxonomy, a case study applies the taxonomy to a number of network vulnerabilities. We also use this taxonomy to analyze network vulnerabilities. The result of our analysis is a matrix that demonstrates the distribution of network vulnerabilities based on their causes, locations and impacts. In addition to offering a taxonomy that is specific to network vulnerabilities and is beneficial for analyzing network vulnerabilities by covering almost all possible combinations of causes, locations, and impacts, we also introduce and consider network activities in the classification of location dimension for the first time. |
first_indexed | 2024-04-10T16:40:59Z |
format | Article |
id | doaj.art-4eddaa280b9c4233b90479838b48e4fe |
institution | Directory Open Access Journal |
issn | 2251-6107 2783-4425 |
language | English |
last_indexed | 2024-04-10T16:40:59Z |
publishDate | 2010-03-01 |
publisher | Iran Telecom Research Center |
record_format | Article |
series | International Journal of Information and Communication Technology Research |
spelling | doaj.art-4eddaa280b9c4233b90479838b48e4fe2023-02-08T07:29:31ZengIran Telecom Research CenterInternational Journal of Information and Communication Technology Research2251-61072783-44252010-03-01212944A Taxonomy for Network VulnerabilitiesSara Hajian0Faramarz Hendessi1Mehdi Berenjkoub2 AP A-IUTcert Department of Electrical and Computer Engineering Isfahan University of Technology Department of Electrical and Computer Engineering Isfahan University of Technology Department of Electrical and Computer Engineering Isfahan University of Technology The number of reported vulnerabilities is dramatically rising every year. In addition, the combination of different kinds of network devices, services and applications in a complex manner lead to increase the complexity of vulnerabilities. Increasing the number of vulnerabilities and their complications show the importance of vulnerability taxonomies which could provide a common language for defining vulnerabilities and help analyze and assess them. Both the advantages of using vulnerability taxonomies and the features of the taxonomies that have ever been suggested encouraged us to offer the new network vulnerability taxonomy. Our proposed taxonomy is a multidimensional and hierarchical taxonomy which classifies network vulnerabilities based on their location, cause and impact. These are three dimensions of our taxonomy. We use ITU-T X-805 security architecture to provide a comprehensive layered classification for the location dimension and also use common weakness enumeration (CWE) project to provide a complete layered classification for the cause dimension of the proposed taxonomy. Finally, we evaluate our taxonomy based on taxonomy requirements. In addition, to demonstrate the usefulness of our taxonomy, a case study applies the taxonomy to a number of network vulnerabilities. We also use this taxonomy to analyze network vulnerabilities. The result of our analysis is a matrix that demonstrates the distribution of network vulnerabilities based on their causes, locations and impacts. In addition to offering a taxonomy that is specific to network vulnerabilities and is beneficial for analyzing network vulnerabilities by covering almost all possible combinations of causes, locations, and impacts, we also introduce and consider network activities in the classification of location dimension for the first time.http://ijict.itrc.ac.ir/article-1-269-en.htmlnetwork vulnerabilitiesitu-t x-805 security architecturecommon weakness enumeration(cwe)network vulnerability analysis |
spellingShingle | Sara Hajian Faramarz Hendessi Mehdi Berenjkoub A Taxonomy for Network Vulnerabilities International Journal of Information and Communication Technology Research network vulnerabilities itu-t x-805 security architecture common weakness enumeration (cwe) network vulnerability analysis |
title | A Taxonomy for Network Vulnerabilities |
title_full | A Taxonomy for Network Vulnerabilities |
title_fullStr | A Taxonomy for Network Vulnerabilities |
title_full_unstemmed | A Taxonomy for Network Vulnerabilities |
title_short | A Taxonomy for Network Vulnerabilities |
title_sort | taxonomy for network vulnerabilities |
topic | network vulnerabilities itu-t x-805 security architecture common weakness enumeration (cwe) network vulnerability analysis |
url | http://ijict.itrc.ac.ir/article-1-269-en.html |
work_keys_str_mv | AT sarahajian ataxonomyfornetworkvulnerabilities AT faramarzhendessi ataxonomyfornetworkvulnerabilities AT mehdiberenjkoub ataxonomyfornetworkvulnerabilities AT sarahajian taxonomyfornetworkvulnerabilities AT faramarzhendessi taxonomyfornetworkvulnerabilities AT mehdiberenjkoub taxonomyfornetworkvulnerabilities |