IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

Taxonomy for Computer Security Incidents

Taxonomy for Computer Security Incidents
View Sample PDF
Author(s): Stefan Kiltz (Otto-von-Guericke University Magdeburg, Germany), Andreas Lang (Otto-von-Guericke University Magdeburg, Germany)and Jana Dittmann (Otto-von-Guericke University Magdeburg, Germany)
 Copyright: 2007
 Pages: -2
 Source title: Cyber Warfare and Cyber Terrorism
Source Author(s)/Editor(s): Lech Janczewski (University of Auckland, New Zealand)and Andrew Colarik (AndrewColarik.com, USA)
 DOI: 10.4018/978-1-59140-991-5.ch048

Purchase

View Taxonomy for Computer Security Incidents on the publisher's website for pricing and purchasing information.

Abstract

The adaptation and extension is necessary to apply the CERT-taxonomy to malware in order to categorise the threat (e.g., Trojan horses, Viruses etc.) as a basis for countermeasures. For the adaptation of the taxonomy to include malware a new entry in the tools section is needed (malicious software). This entry will cover the Trojan horses mentioned earlier. The proposed extension of the CERT-taxonomy will include the attacker-model, the vulnerability and the objectives. Within the attacker-model a new entry should be added, the security scan. This type of penetration testing by security-experts is similar to the works done by ‘white hat’- hackers. However, such penetration testing is done by contractors on request, within strict margins concerning ethics and the assessment of potential damages before such testing takes place. The objectives within the CERT-taxonomy need a supplement, the security evaluation. This of course is the addition necessary to complement the introduction of the security scan. A very important vulnerability, social engineering, should be added to the taxonomy as well. It describes a very effective way to attack an IT-System. Two types can be distinguished, social engineering with the use of computers (e.g. e-mail content, phishing) and social engineering using human-based methods (e.g. dumpster diving, impostors).

Related Content

Eugene de Silva. © 2026. 20 pages.
I Made Wisnu Wardhana. © 2026. 28 pages.
Sinduja Umandi W. Jayaratne. © 2026. 16 pages.
Kavindu Peiris, Sinduja Umandi W. Jayaratne. © 2026. 18 pages.
Galit Margalit Ben-Israel. © 2026. 30 pages.
Tehmina Aslam. © 2026. 20 pages.
Bhagya Senaratne, Asif Fuard. © 2026. 30 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2026, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.