dc.contributor.author |
Van Heerden, Renier P
|
|
dc.contributor.author |
Malan, MM
|
|
dc.contributor.author |
Mouton, F
|
|
dc.contributor.author |
Irwin, B
|
|
dc.date.accessioned |
2015-02-09T07:49:07Z |
|
dc.date.available |
2015-02-09T07:49:07Z |
|
dc.date.issued |
2014-07 |
|
dc.identifier.citation |
van Heerden,R, Malan, MM, Mouton, F, and Irwin, B. 2014. Human perception of the measurement of a network attack taxonomy in near real-time. In: Proceedings of the ICT and Society: 11th IFIP TC 9 International Conference on Human Choice and Computers, HCC11 2014, Turku, Finland, 30 July –1 August 2014 |
en_US |
dc.identifier.isbn |
978-3-662-44207-4 |
|
dc.identifier.issn |
1868-4238 |
|
dc.identifier.uri |
http://link.springer.com/chapter/10.1007%2F978-3-662-44208-1_23
|
|
dc.identifier.uri |
http://hdl.handle.net/10204/7878
|
|
dc.description |
Proceedings of the 11th IFIP TC 9 International Conference on Human Choice and Computers, HCC11 2014, Turku, Finland, 30 July –1 August 2014 |
en_US |
dc.description.abstract |
This paper investigates how the measurement of a network attack
taxonomy can be related to human perception. Network attacks do not have a
time limitation, but the earlier its detected, the more damage can be prevented
and the more preventative actions can be taken. This paper evaluate how elements
of network attacks can be measured in near real-time(60 seconds). The
taxonomy we use was developed by van Heerden et al (2012) with over 100
classes. These classes present the attack and defenders point of view. The degree
to which each class can be quantified or measured is determined by investigating
the accuracy of various assessment methods. We classify each class as
either defined, high, low or not quantifiable. For example, it may not be possible
to determine the instigator of an attack (Aggressor), but only that the attack
has been launched by a Hacker (Actor). Some classes can only be quantified
with a low confidence or not at all in a sort (near real-time) time. The IP address
of an attack can easily be faked thus reducing the confidence in the information
obtained from it, and thus determining the origin of an attack with a low confidence.
This determination itself is subjective. All the evaluations of the classes
in this paper is subjective, but due to the very basic grouping (High, Low or Not
Quantifiable) a subjective value can be used. The complexity of the taxonomy
can be significantly reduced if classes with only a high perceptive accuracy is
used. |
en_US |
dc.language.iso |
en |
en_US |
dc.publisher |
Springer Berlin Heidelberg |
en_US |
dc.relation.ispartofseries |
Workflow;13973 |
|
dc.subject |
Near real-time |
en_US |
dc.subject |
Network attack |
en_US |
dc.subject |
Network attack taxonomy |
en_US |
dc.title |
Human perception of the measurement of a network attack taxonomy in near real-time |
en_US |
dc.type |
Conference Presentation |
en_US |
dc.identifier.apacitation |
Van Heerden, R. P., Malan, M., Mouton, F., & Irwin, B. (2014). Human perception of the measurement of a network attack taxonomy in near real-time. Springer Berlin Heidelberg. http://hdl.handle.net/10204/7878 |
en_ZA |
dc.identifier.chicagocitation |
Van Heerden, Renier P, MM Malan, F Mouton, and B Irwin. "Human perception of the measurement of a network attack taxonomy in near real-time." (2014): http://hdl.handle.net/10204/7878 |
en_ZA |
dc.identifier.vancouvercitation |
Van Heerden RP, Malan M, Mouton F, Irwin B, Human perception of the measurement of a network attack taxonomy in near real-time; Springer Berlin Heidelberg; 2014. http://hdl.handle.net/10204/7878 . |
en_ZA |
dc.identifier.ris |
TY - Conference Presentation
AU - Van Heerden, Renier P
AU - Malan, MM
AU - Mouton, F
AU - Irwin, B
AB - This paper investigates how the measurement of a network attack
taxonomy can be related to human perception. Network attacks do not have a
time limitation, but the earlier its detected, the more damage can be prevented
and the more preventative actions can be taken. This paper evaluate how elements
of network attacks can be measured in near real-time(60 seconds). The
taxonomy we use was developed by van Heerden et al (2012) with over 100
classes. These classes present the attack and defenders point of view. The degree
to which each class can be quantified or measured is determined by investigating
the accuracy of various assessment methods. We classify each class as
either defined, high, low or not quantifiable. For example, it may not be possible
to determine the instigator of an attack (Aggressor), but only that the attack
has been launched by a Hacker (Actor). Some classes can only be quantified
with a low confidence or not at all in a sort (near real-time) time. The IP address
of an attack can easily be faked thus reducing the confidence in the information
obtained from it, and thus determining the origin of an attack with a low confidence.
This determination itself is subjective. All the evaluations of the classes
in this paper is subjective, but due to the very basic grouping (High, Low or Not
Quantifiable) a subjective value can be used. The complexity of the taxonomy
can be significantly reduced if classes with only a high perceptive accuracy is
used.
DA - 2014-07
DB - ResearchSpace
DP - CSIR
KW - Near real-time
KW - Network attack
KW - Network attack taxonomy
LK - https://researchspace.csir.co.za
PY - 2014
SM - 978-3-662-44207-4
SM - 1868-4238
T1 - Human perception of the measurement of a network attack taxonomy in near real-time
TI - Human perception of the measurement of a network attack taxonomy in near real-time
UR - http://hdl.handle.net/10204/7878
ER -
|
en_ZA |