cs 22(21): e5

Research Article

A Taxonomy for Large-Scale Cyber Security Attacks

Download75 downloads
  • @ARTICLE{10.4108/eai.2-3-2022.173548,
        author={Fadi Mohsen and Cornelis Zwart and Dimka Karastoyanova and Georgi Gaydadjiev},
        title={A Taxonomy for Large-Scale Cyber Security Attacks},
        journal={EAI Endorsed Transactions on Cloud Systems},
        volume={7},
        number={21},
        publisher={EAI},
        journal_a={CS},
        year={2022},
        month={3},
        keywords={Taxonomy, Cyber, Security, Attacks, Large-Scale, Defense, Portal},
        doi={10.4108/eai.2-3-2022.173548}
    }
    
  • Fadi Mohsen
    Cornelis Zwart
    Dimka Karastoyanova
    Georgi Gaydadjiev
    Year: 2022
    A Taxonomy for Large-Scale Cyber Security Attacks
    CS
    EAI
    DOI: 10.4108/eai.2-3-2022.173548
Fadi Mohsen1,*, Cornelis Zwart1, Dimka Karastoyanova1, Georgi Gaydadjiev1
  • 1: Bernoulli Institute for Mathematics, Computer Science and Artificial Intelligence, University of Groningen, The Netherlands
*Contact email: f.f.m.mohsen@rug.nl

Abstract

In an effort to examine the spread of large-scale cyber attacks, researchers have created various taxonomies. These taxonomies are purposefully built to facilitate the understanding and the comparison of these attacks, and hence counter their spread. Yet, existing taxonomies focus mainly on the technical aspects of the attacks, with little or no information about how to defend against them. As such, the aim of this work is to extend existing taxonomies by incorporating new features pertaining the defense strategy, scale, and others. We will compare the proposed taxonomy with existing state of the art taxonomies. We also present the analysis of 174 large cyber security attacks based on our taxonomy. Finally, we present a web tool that we developed to allow researchers to explore exiting data sets of attacks and contribute new ones. We are convinced that our work will allow researchers gain deeper insights into emerging attacks by facilitating their categorization, sharing and analysis, which results in boosting the defense efforts against cyber attack.