A Taxonomy of Computer Attacks with Applications to Wireless Networks

Simple item page
dc.contributor.authorLough, Daniel Lowryen
dc.contributor.committeechairDavis, Nathaniel J. IVen
dc.contributor.committeememberMarchany, Randolph C.en
dc.contributor.committeememberJones, Mark T.en
dc.contributor.committeememberMidkiff, Scott F.en
dc.contributor.committeememberNunnally, Charles E.en
dc.contributor.committeememberBrown, Ezra A.en
dc.contributor.departmentElectrical and Computer Engineeringen
dc.date.accessioned2014-03-14T20:10:43Zen
dc.date.adate2001-04-30en
dc.date.available2014-03-14T20:10:43Zen
dc.date.issued2001-03-26en
dc.date.rdate2002-04-30en
dc.date.sdate2001-04-25en
dc.description.abstractThe majority of attacks made upon modern computers have been successful due to the exploitation of the same errors and weaknesses that have plagued computer systems for the last thirty years. Because the industry has not learned from these mistakes, new protocols and systems are not designed with the aspect of security in mind; and security that is present is typically added as an afterthought. What makes these systems so vulnerable is that the security design process is based upon assumptions that have been made in the past; assumptions which now have become obsolete or irrelevant. In addition, fundamental errors in the design and implementation of systems repeatedly occur, which lead to failures. This research presents a comprehensive analysis of the types of attacks that are being leveled upon computer systems and the construction of a general taxonomy and methodologies that will facilitate design of secure protocols. To develop a comprehensive taxonomy, existing lists, charts, and taxonomies of host and network attacks published over the last thirty years are examined and combined, revealing common denominators among them. These common denominators, as well as new information, are assimilated to produce a broadly applicable, simpler, and more complete taxonomy. It is shown that all computer attacks can be broken into a taxonomy consisting of improper conditions: <b>V</b>alidation <b>E</b>xposure <b>R</b>andomness <b>D</b>eallocation <b>I</b>mproper <b>C</b>onditions <b>T</b>axonomy; hence described by the acronym <b>VERDICT</b>. The developed methodologies are applicable to both wired and wireless systems, and they are applied to some existing Internet attacks to show how they can be classified under VERDICT. The methodologies are applied to the IEEE 802.11 wireless local area network protocol and numerous vulnerabilities are found. Finally, an extensive annotated bibliography is included.en
dc.description.degreePh. D.en
dc.identifier.otheretd-04252001-234145en
dc.identifier.sourceurlhttp://scholar.lib.vt.edu/theses/available/etd-04252001-234145/en
dc.identifier.urihttp://hdl.handle.net/10919/27242en
dc.publisherVirginia Techen
dc.relation.haspartlough.dissertation.pdfen
dc.rightsIn Copyrighten
dc.rights.urihttp://rightsstatements.org/vocab/InC/1.0/en
dc.subjectcomputer attack taxonomyen
dc.subjectcomputer securityen
dc.subjectintegrity flawsen
dc.subjectwireless securityen
dc.subjectVERDICTen
dc.subjectIEEE 802.11en
dc.titleA Taxonomy of Computer Attacks with Applications to Wireless Networksen
dc.typeDissertationen
thesis.degree.disciplineElectrical and Computer Engineeringen
thesis.degree.grantorVirginia Polytechnic Institute and State Universityen
thesis.degree.leveldoctoralen
thesis.degree.namePh. D.en

Files

Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
lough.dissertation.pdf
Size:
1.93 MB
Format:
Adobe Portable Document Format
Download

Collections

Doctoral Dissertations