Академический Документы
Профессиональный Документы
Культура Документы
CoC - page 1
Overview
Introduction
Definitions
Examples
Observations
Summary
sniffers distributed
attack tools
Intruder sweepers www attacks
Knowledge
automated probes/scans
GUI
back doors
disabling audits network mgmt. diagnostics
hijacking
burglaries sessions
Attack exploiting known vulnerabilities
Sophistication
password cracking
self-replicating code
password guessing
Intruders
Low
1980 1985 1990 1995 2000
Advanced
Intruders
Discover New
Vulnerability
More…
Incidents Active
600
500
over between months) 400
300
200
Varying diversity of ports used 100
0
in incidents
Ports in Incidents
80
involved in incidents 60
40
90
80
com
70 g ov
ed u
60 in tl
u ser
50 is p
o rg
40 fin
k12
30
m is c
o th e r
20
10
0
/ 0
0
/ 00 / 0
0
/ 00 / 0
0
/ 00 / 0
0
/ 0
0
/ 00 / 00 / 00 / 00 / 0
0
/ 00 /0
1
/0
1
/0
1
/0
1
24 /8 22 /5 19 /2 16 30 / 14 / 28 / 11 / 25 /9 / 23 1/
6
/2
0
2/
3
/1
7
6/ 7 7/ 8 8/ 9 9/ 9/ 10 10 11 11 12 12 1 2
7 /8 /0 0
7 /2 2 /0 0
8/5/0 0
8 /19 /0 0
9 /2 /00
9 /3 0/00
1 0/1 4/00
1 0 /2 8/00
11 /1 1 /0 0
11 /2 5 /0 0
12 /9 /0 0
Weekly Incidents by OS
1 2/23 /0 0
1 /6 /0 1
1 /2 0/01
2 /3 /0 1
2 /17 /0 1
IR
LX
NT
UN
SO
MO
m is c
O th e r
CoC - page 15
u n kn own
0
10
20
30
40
50
60
70
80
90
100
6 /2 4 /0 0
7 /8 /0 0
7 /2 2 /0 0
8 /5 /0 0
8 /1 9 /0 0
9 /2 /0 0
9 /3 0 /0 0
1 0 /1 4 /0 0
1 0 /2 8 /0 0
1 1 /1 1 /0 0
1 1 /2 5 /0 0
1 2 /9 /0 0
1 2 /2 3 /0 0
1 /6 /0 1
Weekly Incidents by Impact
1 /2 0 /0 1
2 /3 /0 1
2 /1 7 /0 1
CoC - page 16
D is t o r t
D is r u p t
D e s tr u c t
U n kn ow n
D e c e p t io n
d is c lo s u r e
Socio-Political Activity
100
Inauguration
Holidays
90
Conventions
80 Debates Election Best Fit
Controversy
70
Campaign
60
50
40
30
20
10