|
|
|
A Structured Approach to Classifying Security Vuln
|
|
Hits: 0 |
|
Date added: 11/08/2005 |
|
A Structured Approach to Classifying Security Vulnerabilities
Understanding vulnerabilities is critical to understanding the threats they represent. Vulnerabilities classification enables collection of frequency data; trend analysis of vulnerabilities; correlation with incidents, exploits, and artifacts; and evaluation of the effectiveness of countermeasures. Existing classification schemes are based on vulnerability reports and not on an engineering analysis of the problem domain. In this report a classification scheme that uses attribute-value pairs to provide a multidimensional view of vulnerabilities is proposed. Attributes and values are selected based on engineering distinctions that allow vulnerabilities to be exploited by a given technique or determine which countermeasures are effective. Successful classification of vulnerabilities should lead to greater automation in analyzing code vulnerabilities and supporting effective communication between geographically remote vulnerability handling teams and vendors. |
|
|
|
|
|
|
A practical approach for defeating Nmap OS-Finge..
|
|
Hits: 1 |
|
Date added: 07/02/2005 |
|
Some security tools have been developed to fake Nmap in its OS Fingerprinting purpose. This paper describes different solutions to defeat Nmap and behave like another chosen operating system, as well as a demonstration on how can be accomplished. |
|
|
|
|
|
|
A Large-Scale Distributed Intrusion Detection Fram
|
|
Hits: 1 |
|
Date added: 04/11/2006 |
|
A Large-Scale Distributed Intrusion Detection Framework based on Attack Synergy Analysis
Ming-Yuh Huang, Thomas M. Wicks, RAID Symposium, 1998 |
|
|
|
|
|
|
A Hacking Guide
|
|
Hits: 21 |
|
Date added: 03/12/2006 |
|
Breaking into computer networks from the Internet. An older but informative document. |
|
|
|
