DOI: 10.1145/3538969.3544430 (ARES conference proceedings, research article)

TaxIdMA: Towards a Taxonomy for Attacks related to Identities

Published: 23 August 2022

Abstract

Identity management refers to the technology and policies for the identification, authentication, and authorization of users in computer networks. Identity management is therefore fundamental to today’s IT ecosystem. At the same time, identity management systems, where digital identities are managed, pose an attractive target for attacks. With the heterogeneity of identity management systems, every type (i.e., models, protocols, implementations) has different requirements, typical problems, and hence attack vectors. In order to provide a systematic and categorized overview, the framework Taxonomy for Identity Management Attacks (TaxIdMA) for attacks related to identities is proposed. The purpose of this framework is to classify existing attacks associated with system identities, identity management systems, and end-user identities as well as the background using an extensible structure from a scientific perspective. The taxonomy is then evaluated with eight real-world attacks and vulnerabilities. This analysis shows the capability of the proposed taxonomy framework TaxIdMA in describing and categorizing these attacks.

Cited By

  • (2024) Enhancing Incident Management by an Improved Understanding of Data Exfiltration: Definition, Evaluation, Review. Digital Forensics and Cyber Crime, pp. 33-57. DOI: 10.1007/978-3-031-56580-9_3. Online publication date: 3-Apr-2024
  • (2023) Evaluation of Real-World Risk-Based Authentication at Online Services Revisited: Complexity Wins. Proceedings of the 18th International Conference on Availability, Reliability and Security, pp. 1-9. DOI: 10.1145/3600160.3605024. Online publication date: 29-Aug-2023

    Published In

    ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security
    August 2022
    1371 pages
    ISBN: 9781450396707
    DOI: 10.1145/3538969

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. attack
    2. categorization
    3. identity
    4. identity management
    5. taxonomy
    6. vulnerability

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Funding Sources

    • Bavarian Ministry for Digital Affairs

    Conference

    ARES 2022

    Acceptance Rates

    Overall Acceptance Rate 228 of 451 submissions, 51%
