Announcements

Center for Information Protection
UC Davis is planning to join the NSF I/UCRC Center for Information Protection. We are looking for companies to join our Industrial Advisory Board.
Find out more here!

Conferences and Workshops

ISGIG 2009
ACSAC 25
PETRA 2010 (due 11/15)
Oakland 2010 (due 11/18)

My Links

Other Links

This Quarter’s Classes

Office Hours for This Quarter

Contacting Me

A Taxonomy of UNIX System and Network Vulnerabilities

Citation

M. Bishop, “A Taxonomy of UNIX System and Network Vulnerabilities”, Technical Report CSE-95-8, Dept. of Computer Science, University of California at Davis, Davis, CA 95616-8562 (May 1995).

Paper

About This Report

From the introduction:

In this paper, we shall build on prior work to present another taxonomy, and argue that this classification scheme highlights characteristics of the vulnerabilities it classifies in a more useful way than other work. We shall then examine vulnerabilities in the UNIX operating system, its system and ancillary software, and classify the security-related problems along several axes, after which we shall examine the earlier work to see if this taxonomy holds for other systems. The unique contribution of this work is an analysis of how to use the Protection Analysis work to improve security of existing systems, and how to write programs with minimal exploitable security flaws. This contrasts the work to others, which argue that a preventative approach using formal methods to design secure systems is appropriate. We emphatically agree; however, as nonsecure systems continue to be used, our work is presented with the hope it will guide maintainers and software implementers to improve the security of these flawed systems and software.

Background

This was part of a project to analyze vulnerabilities.

Last updated on Monday, July 20, 2009 at 10:33:11AM PDT