Abstract | ||
---|---|---|
The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes a classification model based on 21 vectors divided into 8 distinct security threats, making use of levels of abstraction and criteria for discrimination which consider propagation and similarity in vulnerabilities. We also propose to estimate the risk factor and impacts on assets, considering data breaches, human aspects and service reliability. In addition, we validate the taxonomic model proposed through the catalogues of attacks facing the public. Thus, it was possible to observe its applicability for most of the attacks which appear before the public. |
Year | Venue | Keywords |
---|---|---|
2016 | IEEE IFIP Network Operations and Management Symposium | Web Application Vulnerabilities,Web Browser Vulnerabilities,Social Engineering,Taxonomy for Security Threats |
Field | DocType | ISSN |
World Wide Web,Security through obscurity,Computer security,Computer science,Asset (computer security),Information security,Security service,Security analysis,Cloud computing security,Web application security,Data breach | Conference | 1542-1201 |
Citations | PageRank | References |
1 | 0.36 | 5 |
Authors | ||
10 |
Name | Order | Citations | PageRank |
---|---|---|---|
Carlo Marcelo Revoredo da Silva | 1 | 12 | 3.35 |
Ricardo Batista Rodrigues | 2 | 9 | 2.94 |
Ruy Queiroz | 3 | 1 | 0.70 |
Vinicius Cardoso Garcia | 4 | 298 | 34.17 |
Jose Silva | 5 | 1 | 0.36 |
Daniel Gatti | 6 | 1 | 0.36 |
Rodrigo Elia Assad | 7 | 11 | 4.98 |
Leandro M. do Nascimento | 8 | 1 | 0.70 |
Kellyton Brito | 9 | 1 | 1.72 |
Péricles B. C. de Miranda | 10 | 58 | 8.23 |