Title :
Information Security Threats Classification Pyramid
Author :
Alhabeeb, Mohammed ; Almuhaideb, Abdullah ; Le, Phu Dung ; Srinivasan, Bala
Author_Institution :
Sch. of Inf. Technol., Monash Univ., Melbourne, VIC, Australia
Abstract :
Threat classification is extremely important for organizations, as it is an important step towards implementation of information security. Most of the existing threat classifications listed threats in static ways without linking threats to information system areas. The aim of this paper is to design a methodology that can classify deliberate threats in a dynamic way to represent each threat in different areas of the information system. This technique is based on the following factors: the attacker´s prior knowledge (i. e. the knowledge hold by the source of the threat) about the system, loss of security information and the criticality of the area that might be affected by that threat.
Keywords :
security of data; information security threats classification pyramid; information system; Computer crime; Computer hacking; Computer security; Data security; Information security; Information systems; Management information systems; Network servers; Power system security; Protection; deliberate threat; threat classification;
Conference_Titel :
Advanced Information Networking and Applications Workshops (WAINA), 2010 IEEE 24th International Conference on
Conference_Location :
Perth, WA
Print_ISBN :
978-1-4244-6701-3
DOI :
10.1109/WAINA.2010.39
