Towards an Improved Taxonomy of Attacks Related to Digital Identities and Identity Management Systems

Published: 01 January 2023

Abstract

Digital transformation with the adoption of cloud technologies, outsourcing, and working-from-home possibilities permits flexibility for organizations and persons. At the same time, it makes it more difficult to secure the IT infrastructure as the IT team needs to keep track of who is accessing what data from where and when on which device. With these changes, identity management as a key element of security becomes more important. Identity management relates to the technologies and policies for the identification, authentication, and authorization of users (humans and devices) in computer networks. Due to the diversity of identity management (i.e., models, protocols, and implementations), different requirements, problems, and attack vectors need to be taken into account. In order to secure identity management systems with their identities, a systematic approach is required. In this article, we propose the improved framework Taxonomy for Identity Management related to Attacks (TaxIdMA). The purpose of TaxIdMA is to classify existing attacks, attack vectors, and vulnerabilities associated with system identities, identity management systems, and end-user identities. In addition, the background of these attacks can be described in a structured and systematic way. The taxonomy is applied to the Internet of Things and self-sovereign identities. It is enhanced by a description language for threat intelligence sharing. Last but not least, TaxIdMA is evaluated and improved based on expert interviews, statistics, and discussions. This step enables broader applicability and level of detail at the same time. The combination of TaxIdMA, which allows a structured way to outline attacks and is applicable to different scenarios, and a description language for threat intelligence helps to improve the security of identity management systems and processes.

References

[1]
Ponemon Institute, “Cybersecurity in the remote work era: a global risk report,” Ponemon Institute, Traverse, MI, USA, 2020, Technical Report.
[2]
H. Ray, F. Wolf, R. Kuber, and A. J. Aviv, “Why Older Adults (Don’t) Use Password Managers,” in Proceedings of the 30th USENIX Security Symposium (USENIX Security), Berkeley, CA, USA, August 2021.
[3]
S. Pearman, S. A. Zhang, L. Bauer, N. Christin, and L. F. Cranor, “Why people (don’t) use password managers effectively,” in Proceedings of the 15th Symposium on Usable Privacy and Security (SOUPS), pp. 319–338, Berkeley, CA, USA, August 2019.
[4]
P. Mayer, C. W. Munyendo, M. L. Mazurek, and A. J. Aviv, “Why Users (Don’t) Use Password Managers at a Large Educational Institution,” in Proceedings of the 31st USENIX Security Symposium (USENIX Security), pp. 1849–1866, Berkley, CA, USA, August 2022.
[5]
Kaggle, “Common Password List (rockyou.txt),” 2021, https://www.kaggle.com/datasets/wjburns/common-password-list-rockyoutxt.
[6]
OffSec Services, “John,” 2022, https://www.kali.org/tools/john/.
[7]
OffSec Services, “Brutespray,” 2022, https://www.kali.org/tools/brutespray/.
[8]
E. Stobert and R. Biddle, “The Password Life Cycle,” ACM Trans. Priv. Secur, vol. 21, no. 3, pp. 1–32, 2018.
[9]
S. Sahin and F. Li, “Don’t Forget the Stuffing! Revisiting the Security Impact of Typo-Tolerant Password Authentication,” in Proceedings of the SIGSAC Conference On Computer And Communications Security (CCS), pp. 252–270, Association for Computing Machinery, New York, NY, USA, November 2021.
[10]
J. Arquilla and M. Guzdial, “The SolarWinds Hack, and a Grand Challenge for CS Education,” Communications of the ACM, vol. 64, no. 4, pp. 6–7, 2021.
[11]
S. Peisert, B. Schneier, H. Okhravi, F. Massacci, T. Benzel, C. Landwehr, M. Mannan, J. Mirkovic, A. Prakash, and J. B. Michael, “Perspectives on the SolarWinds Incident,” IEEE Security & Privacy, vol. 19, no. 2, pp. 7–13, 2021.
[12]
L. Sterle and S. Bhunia, “On SolarWinds Orion Platform Security Breach,” in Proceedings of the SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/IOP/SCI), pp. 636–641, IEEE, New York, NY, USA, October 2021.
[13]
L. Fritsch, “Identity management as a target in cyberwar,” in Proceedings of the Open Identity Summit (OIS), H. Roßnagel, C. H. Schunck, S. Mödersheim, and D. Hühnlein, Eds., pp. 61–70, GI, Bonn, Germany, April 2020.
[14]
Purple Knights Security, “Purple Knight Report 2022 – facing the unknown: uncovering & addressing systemic active directory security failures,” Purple Knights Security, Hoboken, NJ, USA, 2022, Technical Report.
[15]
D. Pöhn and W. Hommel, “TaxIdMA: Towards a Taxonomy for Attacks Related to Identities,” in Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES), Association for Computing Machinery, New York, NY, USA, August 2022.
[16]
OASIS Cyber Threat Intelligence Technical Committee, “Introduction to STIX,” 2022, https://oasis-open.github.io/cti-documentation/stix/intro.html.
[17]
A. Henricks and H. Kettani, “On Data Protection Using Multi-Factor Authentication,” in Proceedings of the 2019 International Conference on Information System and System Management ISSM 2019, pp. 1–4, Association for Computing Machinery, New York, NY, USA, October 2020.
[18]
S. Wiefling, P. R. Jørgensen, S. Thunem, and L. L. Iacono, “Pump Up Password Security! Evaluating and Enhancing Risk-Based Authentication on a Real-World Large-Scale Online Service,” ACM Trans. Priv. Secur, vol. 26, no. 1, pp. 1–36, 2022.
[19]
A. Hang, A. De Luca, E. von Zezschwitz, M. Demmler, and H. Hussmann, “Locked Your Phone? Buy a New One? From Tales of Fallback Authentication on Smartphones to Actual Concepts,” in Proceedings of the 17th International Conference on Human-Computer Interaction with Mobile Devices and Services, pp. 295–305, Association for Computing Machinery, New York, NY, USA, August 2015.
[20]
S. Motiee, K. Hawkey, and K. Beznosov, “Do Windows Users Follow the Principle of Least Privilege? Investigating User Account Control Practices,” in Proceedings of the Sixth Symposium on Usable Privacy and Security, Association for Computing Machinery, New York, NY, USA, October 2010.
[21]
V. Samar, “Unified Login with Pluggable Authentication Modules (PAM),” in Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 1–10, Association for Computing Machinery, New York, NY, USA, June 1996.
[22]
M. A. Qadeer, M. Salim, and M. S. Akhtar, “Profile Management and Authentication Using LDAP,” in Proceedings of the International Conference on Computer Engineering and Technology (ICCET), pp. 247–251, IEEE, New York, NY, USA, January 2009.
[23]
D. Lowe, Managing Windows User Accounts, Microsoft Corporation, Washington, DC, USA, 2020.
[24]
A. Kostopoulos, E. Sfakianakis, I. Chochliouros, J. S. Pettersson, S. Krenn, W. Tesfay, A. Migliavacca, and F. Hörandner, “Towards the Adoption of Secure Cloud Identity Services,” in Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES), pp. 1–90, ACM, New York, NY, USA, August 2017.
[25]
E. Maler and D. Reed, “The Venn of Identity: Options and Issues in Federated Identity Management,” IEEE Security and Privacy Magazine, vol. 6, no. 2, pp. 16–23, 2008.
[26]
N. Ragouzis, J. Hughes, R. Philpott, and E. Maler, “Security Assertion Markup Language (SAML) V2.0 Technical Overview,” OASIS, New York, NY, USA, 2008, Technical report.
[27]
D. Hardt, “The OAuth 2.0 authorization framework,” 2012, http://www.rfc-editor.org/rfc/rfc6749.txt.
[28]
N. Sakimura, J. Bradley, M. B. Jones, B. de Medeiros, and C. Mortimore, “OpenID Connect Core 1.0,” Open ID Foundation, San Ramon, CA, USA, 2014, Technical report.
[29]
D. Berbecaru, A. Lioy, and C. Cameroni, “Electronic Identification for Universities: Building Cross-Border Services Based on the eIDAS Infrastructure,” Information, vol. 10, no. 6, p. 210, 2019.
[30]
C. Mainka, V. Mladenov, J. Schwenk, and T. Wich. “SoK, “Single Sign-On Security — An Evaluation of OpenID Connect,” in Proceedings of the European Symposium on Security and Privacy (EuroS&P), pp. 251–266, IEEE, New York, NY, USA, August 2017.
[31]
V. Mladenov and C. Mainka, “OpenID Connect Security Considerations,” Ruhr Universität Bochum, Bochum, Germany, 2017, Technical report.
[32]
D. Fett, R. Küsters, and G. Schmitz, “A Comprehensive Formal Security Analysis of OAuth 2.0,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1204–1215, Association for Computing Machinery, New York, NY, USA, October 2016.
[33]
T. Lodderstedt, J. Bradley, A. Labunets, and D. Fett, “OAuth 2.0 Security Best Current Practice,” 2020, http://www.ietf.org/internet-drafts/draft-ietf-oauth-security-topics-16.txt.
[34]
T. Lodderstedt, M. McGloin, and P. Hunt, OAuth 2.0 Threat Model and Security Considerations, RFC Editor, Marina del Rey, CA, USA, 2013.
[35]
F. Hirsch, R. Philpott, and E. Maler, “Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0,” OASIS, New York, NY, USA, 2005, Technical Report.
[36]
E. Maler, M. Machulak, and J. Richer, User-Managed Access (UMA) 2.0 Grant for OAuth 2.0 Authorization, Kantara Specification, Herndon, VA, USA, 2018.
[37]
E. Maler, M. Machulak, and J. Richer, Federated Authorization for User-Managed Access (UMA 2.0), Kantara Specification, Herndon, VA, USA, 2017.
[38]
M. P. Machulak, E. L. Maler, D. Catalano, and A. van. Moorsel, “User-Managed Access to Web Resources,” in Proceedings of the 6th Workshop on Digital Identity Management (DIM), pp. 35–44, Association for Computing Machinery, New York, NY, USA, August 2010.
[39]
M. S. Ferdous, F. Chowdhury, and M. O. Alassafi, “In Search of Self-Sovereign Identity Leveraging Blockchain Technology,” IEEE Access, vol. 7, pp. 103059–103079, 2019.
[40]
K. C. Toth and A. Anderson-Priddy, “Self-Sovereign Digital Identity: A Paradigm Shift for Identity,” IEEE Security & Privacy, vol. 17, no. 3, pp. 17–27, 2019.
[41]
N. Naik, P. Grace, and P. Jenkins, “An Attack Tree Based Risk Analysis Method for Investigating Attacks and Facilitating Their Mitigations in Self-Sovereign Identity,” in Proceedings of the Symposium Series on Computational Intelligence (SSCI), pp. 1–8, IEEE, New York, NY, USA, December 2021.
[42]
H. L’Amrani, B. E. Berroukech, Y. El Bouzekri Idrissi, and R. Ajhoun, “Identity management systems: Laws of identity for models evaluation,” in Proceedings of the 4th IEEE International Colloquium on Information Science and Technology (CiSt), pp. 736–740, IEEE, New York, NY, USA, October 2016.
[43]
B. Martin, “Common Vulnerabilities Enumeration (CVE), Common Weakness Enumeration (CWE), and Common Quality Enumeration (CQE): Attempting to Systematically Catalog the Safety and Security Challenges for Modern, Networked, Software-Intensive Systems,” Ada Lett, vol. 38, no. 2, pp. 9–42, 2019.
[44]
MITRE Corporation, “CWE – Common Weakness Enumeration,” 2022, https://cwe.mitre.org.
[45]
B. E. Strom, A. Applebaum, D. P. Miller, K. C. Nickels, A. G. Pennington, and C. B. Thomas, “MITRE ATT&CK: Design and Philosophy,” The MITRE Corporation, McLean, VI, USA, 2020, Report.
[46]
S. Cho, I. Han, and H. Jeong, “Cyber Kill Chain based Threat Taxonomy and its Application on Cyber Common Operational Picture,” in Proceedings of the International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA), pp. 1–8, IEEE, New York, NY, USA, January 2018.
[47]
MITRE Corporation, “CAPEC – Common Attack Pattern Enumeration and Classification,” 2022, https://capec.mitre.org.
[48]
OWASP, “Projects,” 2022, https://owasp.org/projects/.
[49]
V. M. Igure and R. D. Williams, “Taxonomies of Attacks and Vulnerabilities in Computer Systems,” IEEE Communications Surveys & Tutorials, vol. 10, no. 1, pp. 6–19, 2008.
[50]
I. M. Chapman, S. P. Leblanc, and A. Partington, “Taxonomy of Cyber Attacks and Simulation of Their Effects,” in Proceedings of the Military Modeling & Simulation Symposium (MMS), pp. 73–80, Society for Computer Simulation International, San Diego, CA, USA, August 2011.
[51]
R. Derbyshire, B. Green, D. Prince, A. Mauthe, and D. Hutchison, “An Analysis of Cyber Security Attack Taxonomies,” in Proceedings of the IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 153–161, New York, NY, USA, June 2018.
[52]
M. J. Haber and D. Rolls, Identity Attack Vectors, Apress, New York, NY, USA, 2020.
[53]
U. Habiba, R. Masood, M. A. Shibli, and M. A. Niazi, “Cloud identity management security issues & solutions: a taxonomy,” Complex Adaptive Systems Modeling, vol. 2, no. 1, p. 5, 2014.
[54]
D. Klaper and E. Hovy, “A Taxonomy and a Knowledge Portal for Cybersecurity,” in Proceedings of the 15th Annual International Conference on Digital Government Research (DG-O), pp. 79–85, ACM, New York, NY, USA, March 2014.
[55]
E. W. Burger, M. D. Goodman, P. Kampanakis, J. Squillace, and M. Bantan, “Taxonomy Model for Cyber Threat Intelligence Information Exchange Technologies,” in Proceedings of the Workshop on Information Sharing & Collaborative Security (WISCS), pp. 51–60, ACM, New York, NY, USA, August 2014.
[56]
A. Husseis, J. Liu-Jimenez, I. Goicoechea-Telleria, and R. Sanchez-Reillo, “A Survey in Presentation Attack and Presentation Attack Detection,” in Proceedings of the International Carnahan Conference on Security Technology (ICCST), pp. 1–13, IEEE, New York, NY, USA, December 2019.
[57]
M. Mamchenko and A. Sabanov, “Exploring the Taxonomy of USB-Based Attacks,” in Proceedings of the 12th International Conference Management of Large-Scale System Development (MLSD), pp. 1–4, IEEE, New York, NY, USA, January 2019.
[58]
M. Hollick, C. Nita-Rotaru, P. Papadimitratos, A. Perrig, and S. Schmid, “Toward a Taxonomy and Attacker Model for Secure Routing Protocols,” SIGCOMM Comput. Commun. Rev., vol. 47, no. 1, pp. 43–48, 2017.
[59]
S. Chaipa, E. K. Ngassam, and S. Singh, “Towards a New Taxonomy of Insider Threats,” in Proceedings of the IST-Africa Conference (IST-Africa), pp. 1–10, IEEE, New York, NY, USA, June 2022.
[60]
B. Alsamani and H. Lahza, “A taxonomy of IoT: Security and privacy threats,” in Proceedings of the International Conference on Information and Computer Technologies (ICICT), pp. 72–77, IEEE, New York, NY, USA, August 2018.
[61]
M. Nawir, A. Amir, N. Yaakob, and O. B. Lynn, “Internet of Things (IoT): Taxonomy of security attacks,” in Proceedings of the 3rd International Conference on Electronic Design (ICED), pp. 321–326, IEEE, New York, NY, USA, May 2016.
[62]
S. Khanam, I. B. Ahmedy, M. Y. Idna Idris, M. H. Jaward, and A. Q. Bin Md Sabri, “A Survey of Security Challenges, Attacks Taxonomy and Advanced Countermeasures in the Internet of Things,” IEEE Access, vol. 8, pp. 219709–219743, 2020.
[63]
N. Neshenko, E. Bou-Harb, J. Crichigno, G. Kaddoum, and N. Ghani, “Demystifying IoT Security: An Exhaustive Survey on IoT Vulnerabilities and a First Empirical Look on Internet-Scale IoT Exploitations,” IEEE Communications Surveys & Tutorials, vol. 21, no. 3, pp. 2702–2733, 2019.
[64]
L. Wüstrich, M.-O. Pahl, and S. Liebald, “Towards an Extensible IoT Security Taxonomy,” in Proceedings of the IEEE Symposium on Computers and Communications (ISCC), pp. 1–6, IEEE, New York, NY, USA, February 2020.
[65]
S. Rizvi, A. Kurtz, J. Pfeffer, and M. Rizvi, “Securing the Internet of Things (IoT): A Security Taxonomy for IoT,” in Proceedings of the 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 163–168, IEEE, New York, NY, USA, October 2018.
[66]
S. Shasha, M. Mahmoud, M. Mannan, and A. Youssef, “Playing With Danger: A Taxonomy and Evaluation of Threats to Smart Toys,” IEEE Internet of Things Journal, vol. 6, no. 2, pp. 2986–3002, 2019.
[67]
P. Williams, P. Rojas, and M. Bayoumi, “Security Taxonomy in IoT – A Survey,” in Proceedings of the 62nd International Midwest Symposium on Circuits and Systems (MWSCAS), pp. 560–565, IEEE, New York, NY, USA, July 2019.
[68]
J. Squillace and M. Bantan, “A Taxonomy of Privacy, Trust, and Security Breach Incidents of Internet-of-Things Linked to F(M).A.A.N.G. Corporations,” in Proceedings of the World AI IoT Congress (AIIoT), pp. 591–596, IEEE, New York, NY, USA, August 2022.
[69]
C. Xenofontos, I. Zografopoulos, C. Konstantinou, A. Jolfaei, M. K. Khan, and K. K. R. Choo, “Consumer, Commercial, and Industrial IoT (In)Security: Attack Taxonomy and Case Studies,” IEEE Internet of Things Journal, vol. 9, no. 1, pp. 199–221, 2022.
[70]
A. Taivalsaari and T. Mikkonen, “A Taxonomy of IoT Client Architectures,” IEEE Software, vol. 35, no. 3, pp. 83–88, 2018.
[71]
R. B. Auliar and G. Bekaroo, “Security in IoT-based Smart Homes: A Taxonomy Study of Detection Methods of Mirai Malware and Countermeasures,” in Proceedings of the International Conference on Electrical, Computer, Communications and Mechatronics Engineering (ICECCME), pp. 1–6, IEEE, New York, NY, USA, January 2021.
[72]
M. El-hajj, M. Chamoun, A. Fadlallah, and A. Serhrouchni, “Taxonomy of authentication techniques in Internet of Things (IoT),” in Proceedings of the 15th Student Conference on Research and Development (SCOReD), pp. 67–71, IEEE, New York, NY, USA, August 2017.
[73]
K. Lounis and M. Zulkernine, “Attacks and Defenses in Short-Range Wireless Technologies for IoT,” IEEE Access, vol. 8, pp. 88892–88932, 2020.
[74]
H. Boujezza, M. Al-Mufti, H. K. Ben Ayed, and L. Saidane, “A taxonomy of identities management systems in IOT,” in Proceedings of the IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA), pp. 1–8, IEEE, New York, NY, USA, November 2015.
[75]
A. N. Bikos and S. A. P. Kumar, “Securing Digital Ledger Technologies-Enabled IoT Devices: Taxonomy, Challenges, and Solutions,” IEEE Access, vol. 10, pp. 46238–46254, 2022.
[76]
C. Berger, P. Eichhammer, H. P. Reiser, J. Domaschka, F. J. Hauck, and G. Habiger, “A Survey on Resilience in the IoT: Taxonomy, Classification, and Discussion of Resilience Mechanisms,” ACM Computing Surveys, vol. 54, no. 7, pp. 1–39, September 2021.
[77]
F. Alsubaei, A. Abuhussein, and S. Shiva, “Security and privacy in the internet of medical things: Taxonomy and risk assessment,” in Proceedings of the 42nd Conference on Local Computer Networks Workshops (LCN Workshops), pp. 112–120, IEEE, New York, NY, USA, December 2017.
[78]
D. Redding, A. Jian, and S. Bhunia, “A Case Study of Massive API Scrapping: Parler Data Breach After the Capitol Riot,” in Proceedings of the 7th International Conference on Smart and Sustainable Technologies (SpliTech), pp. 1–7, IEEE, New York, NY, USA, January 2022.
[79]
B. Gibson, T. Spencer, D. Lewis, and S. Bhunia, “Vulnerability in massive api scraping: 2021 linkedin data breach,” in Proceedings of the International Conference on Computational Science and Computational Intelligence (CSCI), pp. 777–782, IEEE, New York, NY, USA, January 2021.
[80]
J. Qian, Z. Gan, J. Zhang, and S. Bhunia, “Analyzing SocialArks Data Leak - A Brute Force Web Login Attack,” in Proceedings of the 4th International Conference on Computer Communication and the Internet (ICCCI), pp. 21–27, IEEE, New York, NY, USA, December 2022.
[81]
H. Nguyen Ba Minh, J. Bennett, M. Gallagher, and S. Bhunia, “A Case Study of Credential Stuffing Attack: Canva Data Breach,” in Proceedings of the International Conference on Computational Science and Computational Intelligence (CSCI), pp. 735–740, IEEE, New York, NY, USA, November 2021.
[82]
L. Rizkallah, N. Potter, K. Reed, D. Reynolds, M. Salman, and S. Bhunia, “Red Toad, Blue Toad, Hacked Toad?” in Proceedings of the World AI IoT Congress (AIIoT), pp. 379–386, IEEE, New York, NY, USA, December 2022.
[83]
A. Pitney, S. Penrod, M. Foraker, and S. Bhunia, “A Systematic Review of 2021 Microsoft Exchange Data Breach Exploiting Multiple Vulnerabilities,” in Proceedings of the 7th International Conference on Smart and Sustainable Technologies (SpliTech), pp. 1–6, IEEE, New York, NY, USA, August 2022.
[84]
J. Nadjar, Y. Liu, J. Salinas, and S. Bhunia, “A Case Study on the Multi-Vector Data Breach on Astoria,” in Proceedings of the 4th International Conference on Computer Communication and the Internet (ICCCI), pp. 51–57, IEEE, New York, NY, USA, November 2022.
[85]
C. Faircloth, G. Hartzell, N. Callahan, and S. Bhunia, “A Study on Brute Force Attack on T-Mobile Leading to SIM-Hijacking and Identity-Theft,” in Proceedings of the World AI IoT Congress (AIIoT), pp. 501–507, IEEE, New York, NY, USA, August 2022.
[86]
C. D. Motero, J. R. B. Higuera, J. B. Higuera, J. A. S. Montalvo, and N. G. Gomez, “On Attacking Kerberos Authentication Protocol in Windows Active Directory Services: A Practical Survey,” IEEE Access, vol. 9, pp. 109289–109319, 2021.
[87]
N. Anita and M. Vijayalakshmi, “Blockchain Security Attack: A Brief Survey,” in Proceedings of the 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1–6, IEEE, New York, NY, USA, January 2019.
[88]
M. Saad, J. Spaulding, L. Njilla, C. Kamhoua, S. Shetty, D. Nyang, and D. Mohaisen, “Exploring the Attack Surface of Blockchain: A Comprehensive Survey,” IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1977–2008, 2020.
[89]
O. B. Al-Khurafi and M. A. Al-Ahmad, “Survey of Web Application Vulnerability Attacks,” in Proceedings of the 4th International Conference on Advanced Computer Science Applications and Technologies (ACSAT), pp. 154–158, IEEE, New York, NY, USA, October 2015.
[90]
V. Gaikwad and L. Ragha, “Mitigation of attack on authenticating identities in ad-hoc network,” in Proceedings of the International Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS), pp. 1027–1032, IEEE, New York, NY, USA, November 2017.
[91]
T. Sharma and L. Singh, “A detection technique for identity based attacks in clustered mobile ad-hoc networks,” in Proceedings of the International Conference on Advances in Computer Engineering and Applications (ICACEA), pp. 893–898, IEEE, New York, NY, USA, November 2015.
[92]
L. Bahri, “Identity Related Threats, Vulnerabilities and Risk Mitigation in Online Social Networks: A Tutorial,” in Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 2603–2605, Association for Computing Machinery, New York, NY, USA, December 2017.
[93]
S. Gupta, A. Singhal, and A. Kapoor, “A literature survey on social engineering attacks: Phishing attack,” in Proceedings of the International Conference on Computing, Communication and Automation (ICCCA), pp. 537–540, IEEE, New York, NY, USA, February 2016.
[94]
S. Qin, M. C. Silaghi, T. Matsui, M. Yokoo, and K. Hirayama, “Addressing False Identity Attacks in Action-Based P2P Social Networks with an Open Census,” in Proceedings of the IEEE/WIC/ACM International Joint Conferences on Web Intelligence (WI) and Intelligent Agent Technologies (IAT), pp. 50–57, IEEE Computer Society, New York, NY, USA, March 2013.
[95]
I. Karunanayake, N. Ahmed, R. Malaney, R. Islam, and S. K. Jha, “De-Anonymisation Attacks on Tor: A Survey,” IEEE Communications Surveys & Tutorials, vol. 23, no. 4, pp. 2324–2350, 2021.
[96]
E. Erdin, C. Zachor, and M. H. Gunes, “How to Find Hidden Users: A Survey of Attacks on Anonymity Networks,” IEEE Communications Surveys & Tutorials, vol. 17, no. 4, pp. 2296–2316, 2015.
[97]
S. Mavoungou, G. Kaddoum, M. Taha, and G. Matar, “Survey on Threats and Attacks on Mobile Networks,” IEEE Access, vol. 4, pp. 4543–4572, 2016.
[98]
J. M. Briones, M. A. Coronel, and P. Chavez-Burbano, “Case of study: Identity theft in a university WLAN Evil twin and cloned authentication web interface,” in Proceedings of the World Congress on Computer and Information Technology (WCCIT), pp. 1–4, IEEE, New York, NY, USA, January 2013.
[99]
Y. Mei, W. Han, S. Li, and X. Wu, “A Survey of Advanced Persistent Threats Attack and Defense,” in Proceedings of the 6th International Conference on Data Science in Cyberspace (DSC), pp. 608–613, IEEE, New York, NY, USA, February 2021.
[100]
R. Barona and E. A. Mary Anita, “A survey on data breach challenges in cloud computing security: issues and threats,” in Proceedings of the International Conference on Circuit, Power and Computing Technologies (ICCPCT), pp. 1–8, IEEE, New York, NY, USA, 2017.
[101]
Y. Fang, Y. Guo, C. Huang, and L. Liu, “Analyzing and Identifying Data Breaches in Underground Forums,” IEEE Access, vol. 7, pp. 48770–48777, 2019.
[102]
R. R. Subramanian, R. Avula, P. S. Surya, and B. Pranay, “Modeling and predicting cyber hacking breaches,” in Proceedings of the 5th International Conference on Intelligent Computing and Control Systems (ICICCS), pp. 288–293, IEEE, New York, NY, USA, December 2021.
[103]
F. Aiolli, M. Conti, A. Gangwal, and M. Polato, “Mind Your Wallet’s Privacy: Identifying Bitcoin Wallet Apps and User’s Actions through Network Traffic Analysis,” in Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing (SAC), pp. 1484–1491, Association for Computing Machinery, New York, NY, USA, January 2019.
[104]
M. Ussath, D. Jaeger, F. Cheng, and C. Meinel, “Pushing the limits of cyber threat intelligence: Extending stix to support complex patterns,” in Information Technology: New Generations, S. Latifi, Ed., pp. 213–225, Springer International Publishing, Cham, Switzerland, 2016.
[105]
M. Vielberth, F. Menges, and G. Pernul, “Human-as-a-security-sensor for harvesting threat intelligence,” Cybersecurity, vol. 2, no. 1, p. 23, 2019.
[106]
OASIS Cyber Threat Intelligence TC, TAXII Version 2.1”, OASIS, New York, NY, USA, 2021.
[107]
FireEye, “OpenIOC 1.1 DRAFT – README,” 2020, https://github.com/fireeye/OpenIOC_1.1.
[108]
[109]
J. Meijer, R. Danyliw, and Y. Demchenko, “The Incident Object Description Exchange Format,” 2007, https://www.rfc-editor.org/info/rfc5070.
[110]
B. Trammell, “Expert Review for Incident Object Description Exchange Format (IODEF) Extensions in IANA XML Registry,” 2012, https://www.rfc-editor.org/info/rfc6685.
[111]
T. Takahashi, K. Landfield, and Y. Kadobayashi, “An Incident Object Description Exchange Format (IODEF) Extension for Structured Cybersecurity Information”. RFC 7203,” 2014, https://www.rfc-editor.org/info/rfc7203.
[113]
S. Bromander, A. Jøsang, and M. Eian, “Semantic Cyberthreat Modelling,” in Proceedings of the Semantic Technology for Intelligence, Defense, and Security (STIDS), pp. 74–78, CEUR Workshop, Aachen, Germany, January 2016.
[114]
M. Pahlevan, A. Voulkidis, and T.-H. Velivassaki, “Secure Exchange of Cyber Threat Intelligence Using TAXII and Distributed Ledger Technologies - Application for Electrical Power and Energy System,” in Proceedings of the 16th International Conference on Availability, Reliability and Security (ARES), Association for Computing Machinery, New York, NY, USA, November 2021.
[115]
V. Mavroeidis and S. Bromander, “Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence,” in Proceedings of the European Intelligence and Security Informatics Conference (EISIC), pp. 91–98, IEEE, New York, NY, USA, October 2017.
[116]
A. Zibak and A. Simpson, “Cyber Threat Information Sharing: Perceived Benefits and Barriers,” in Proceedings of the 14th International Conference on Availability, Reliability and Security (ARES), Association for Computing Machinery, New York, NY, USA, January 2019.
[117]
B. Stojkovski, G. Lenzini, V. Koenig, and S. Rivas, “What’s in a Cyber Threat Intelligence Sharing Platform? A Mixed-Methods User Experience Investigation of MISP,” in Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 385–398, Association for Computing Machinery, New York, NY, USA, December 2021.
[118]
S. Bromander, M. Swimmer, L. P. Muller, A. Jøsang, M. Eian, G. Skjøtskift, and F. Borg, “Investigating Sharing of Cyber Threat Intelligence and Proposing A New Data Model for Enabling Automation in Knowledge Representation and Exchange,” Digital Threats, vol. 3, no. 1, pp. 1–22, 2021.
[119]
V. Mavroeidis, H. Ryan, T. Casey, and A. Jesang, “Threat Actor Type Inference and Characterization within Cyber Threat Intelligence,” in Proceedings of the 13th International Conference on Cyber Conflict (CyCon), pp. 327–352, IEEE, New York, NY, USA, May 2021.
[120]
C. Wagner, A. Dulaunoy, G. Wagener, and A. Iklody, “MISP: The Design and Implementation of a Collaborative Threat Intelligence Sharing Platform,” in Proceedings of the Workshop on Information Sharing and Collaborative Security (WISCS), pp. 49–56, Association for Computing Machinery, New York, NY, USA, February 2016.
[121]
OpenCTI Platform, “OpenCTI,” 2022, https://github.com/OpenCTI-Platform/opencti.
[122]
N. Adouani, T. Franco, and J. Leonard, “TheHive,” 2022, https://github.com/TheHive-Project/TheHive.
[123]
S. Wendzel, L. Caviglione, and W. Mazurczyk, “Avoiding research tribal wars using taxonomies,” IEEE Computer, vol. 56, no. 1, 2023.
[124]
C. E. Landwehr, A. R. Bull, J. P. McDermott, and W. S. Choi, “A taxonomy of computer program security flaws,” ACM Computing Surveys, vol. 26, no. 3, pp. 211–254, 1994.
[125]
U. Lindqvist and E. Jonsson, “How to systematically classify computer security intrusions,” in Proceedings of the IEEE Symposium on Security and Privacy (S&P), pp. 154–163, New York, NY, USA, November 1997.
[126]
M. J. M. Al-Saadi and M. Ilyas, “Identity Management Approach in Internet of Things (IoT),” in Proceedings of the 4th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT), pp. 1–6, IEEE, New York, NY, USA, December 2020.
[127]
B. Zhao, P. Zhao, and P. Fan, “ePUF: A lightweight double identity verification in IoT,” Tsinghua Science and Technology, vol. 25, no. 5, pp. 625–635, 2020.
[128]
S. K. Gebresilassie, J. Rafferty, P. Morrow, L. Chen, M. Abu-Tair, and Z. Cui, “Distributed, Secure, Self-Sovereign Identity for IoT Devices,” in Proceedings of the 6th World Forum on Internet of Things (WF-IoT), pp. 1–6, IEEE, New York, NY, USA, December 2020.
[129]
H. Ning, Z. Zhen, F. Shi, and M. Daneshmand, “A Survey of Identity Modeling and Identity Addressing in Internet of Things,” IEEE Internet of Things Journal, vol. 7, no. 6, pp. 4697–4710, 2020.
[130]
B. B. Gupta, A. Gaurav, K. T. Chui, and C.-H. Hsu, “Identity-Based Authentication Technique for IoT Devices,” in Proceedings of the International Conference on Consumer Electronics (ICCE), vol. 4, p. 1, IEEE, New York, NY, USA, May 2022.
[131]
S. Lips, N. Vinogradova, R. Krimmer, and D. Draheim, “Re-Shaping the EU Digital Identity Framework,” in Proceedings of the 23rd Annual International Conference on Digital Government Research (dg.O), pp. 13–21, Association for Computing Machinery, New York, NY, USA, August 2022.
[132]
A. Sharif, M. Ranzi, R. Carbone, G. Sciarretta, and S. Ranise. “SoK, “A Survey on Technological Trends for (Pre)Notified EIDAS Electronic Identity Schemes,” in Proceedings of the 17th International Conference on Availability, Reliability and Security (ARES), Association for Computing Machinery, New York, NY, USA, December 2022.
[133]
Š. Čučko, Š. Bećirović, A. Kamišalić, S. Mrdović, and M. Turkanović, “Towards the Classification of Self-Sovereign Identity Properties,” IEEE Access, vol. 10, pp. 88306–88329, 2022.
[134]
S. Chng, H. Y. Lu, A. Kumar, and D. Yau, “Hacker types, motivations and strategies: A comprehensive framework,” Computers in Human Behavior Reports, vol. 5, 2022.
[135]
S. Hansman and R. Hunt, “A taxonomy of network and computer attacks,” Computers & Security, vol. 24, no. 1, pp. 31–43, 2005.
[136]
C. Simmons, C. Ellis, S. Shiva, D. Dasgupta, and Q. Wu, “AVOIDIT: A Cyber Attack Taxonomy,” in Proceedings of the 9th Annual Symposium on Information Assurance (ASIA), pp. 2–12, New York, NY, USA, June 2014.
[137]
R. Heartfield and G. Loukas, “A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks,” ACM Computing Surveys, vol. 48, no. 3, pp. 1–39, 2015.
[138]
Federal Office for Information Security, IT-Grundschutz-Compendium, Bonn, Germany, 2021.
[139]
MITRE, “Steal or Forge Kerberos Tickets,” 2022, https://attack.mitre.org/techniques/T1558/.
[140]
Microsoft, “Microsoft Security Bulletin MS17-010-Critical,” 2022, https://learn.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010.
[141]
Microsoft, “Microsoft Security Bulletin MS16-032-Important,” 2022, https://learn.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-032.
[142]
MITRE, “Steal or Forge Kerberos Tickets,” 2022, https://attack.mitre.org/techniques/T1550/002/.
[143]
MITRE, “Steal or Forge Kerberos Tickets: Kerberoasting,” 2022, https://attack.mitre.org/techniques/T1558/003/.
[144]
K. I. Ahmed, M. Tahir, and S. L. Lau, “Trust Management for IoT Security: Taxonomy and Future Research Directions,” in Proceedings of the Conference on Application, Information and Network Security (AINS), pp. 26–31, IEEE, New York, NY, USA, December 2020.
[145]
N. Naik and P. Jenkins, “Self-Sovereign Identity Specifications: Govern Your Identity Through Your Digital Wallet using Blockchain Technology,” in Proceedings of the 8th International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp. 90–95, IEEE, New York, NY, USA, November 2020.
[146]
X. Chen, Z. Wei, X. Jia, P. Zheng, M. Han, and X. Yang, “Current Status and Prospects of Blockchain Security Standardization,” in Proceedings of the 9th International Conference on Cyber Security and Cloud Computing (CSCloud)/2022 IEEE 8th International Conference on Edge Computing and Scalable Cloud (EdgeCom), pp. 24–29, IEEE, New York, NY, USA, January 2022.
[147]
P. R. Nair and D. R. Dorai, “Evaluation of Performance and Security of Proof of Work and Proof of Stake using Blockchain,” in Proceedings of the 3rd International Conference on Intelligent Communication Technologies and Virtual Mobile Networks (ICICV), pp. 279–283, IEEE, New York, NY, USA, May 2021.
[148]
S. Sharma and K. Shah, “Exploring Security Threats on Blockchain Technology along with Possible Remedies,” in Proceedings of the 7th International Conference for Convergence in Technology (I2CT), pp. 1–4, IEEE, New York, NY, USA, February 2022.
[149]
B. Putz and G. Pernul, “Detecting Blockchain Security Threats,” in Proceedings of the International Conference on Blockchain (Blockchain), pp. 313–320, IEEE, New York, NY, USA, April 2020.
[150]
T. Ameen, S. Sankagiri, and B. Hajek, “Blockchain Security When Messages Are Lost,” in Proceedings of the Workshop on Developments in Consensus (ConsensusDay), pp. 1–14, Association for Computing Machinery, New York, NY, USA, December 2022.
[151]
A. Lewis-Pye and T. Roughgarden, “How Does Blockchain Security Dictate Blockchain Implementation?” in Proceedings of the SIGSAC Conference on Computer and Communications Security (CCS), pp. 1006–1019, Association for Computing Machinery, New York, NY, USA, October 2021.
[152]
G. Karame, “On the Security and Scalability of Bitcoin’s Blockchain,” in Proceedings of the SIGSAC Conference on Computer and Communications Security (CCS), pp. 1861–1862, Association for Computing Machinery, New York, NY, USA, November 2016.
[153]
N. Amiet, “Blockchain Vulnerabilities in Practice,” Digital Threats, vol. 2, no. 2, pp. 1–7, 2021.
[154]
R. Zhang, R. Xue, and L. Liu, “Security and Privacy on Blockchain,” ACM Computing Surveys, vol. 52, no. 3, pp. 1–34, July 2019.
[155]
A. Davenport and S. Shetty, “Modeling Threat of Leaking Private Keys from Air-Gapped Blockchain Wallets,” in Proceedings of the International Smart Cities Conference (ISC2), pp. 9–13, IEEE, New York, NY, USA, January 2019.
[156]
M. Guri, “BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets,” in Proceedings of the International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 1308–1316, IEEE, New York, NY, USA, May 2018.
[157]
Y. Hu, S. Wang, G.-H. Tu, L. Xiao, T. Xie, X. Lei, and C.-Y. Li, “Security Threats from Bitcoin Wallet Smartphone Applications: Vulnerabilities, Attacks, and Countermeasures,” in Proceedings of the 11th Conference on Data and Application Security and Privacy (CODASPY), pp. 89–100, Association for Computing Machinery, New York, NY, USA, September 2021.
[158]
Symantec, “Internet Security Threat Report,” Symantec, Tempe, AR, USA, 2019, Technical report.
[159]
ENISA, “ENISA Threat Landscape,” ENISA, Athens, Greece, 2022, Technical report.
[160]
Federal Trade Commission, “Consumer Sentinel Network Data Book 2021,” Federal Trade Commission, Washington, DC, USA, 2022, Technical report.
[161]
EY, “Is cybersecurity about more than protection? – EY Global Information Security Survey 2018-19,” EY, Washington, DC, USA, 2018, Technical report.
[162]
ENISA, “Identity Theft - ENISA Threat Landscape,” ENISA, Athens, Greece, 2020, Technical report.
[163]
ENISA, “Data Breach - ENISA Threat Landscape,” ENISA, Athens, Greece, 2020, Technical report.
[165]
IIoT World, “An Overview of the IoT Security Market Report 2017-2022,” 2022, https://iiot-world.com/reports/an-overview-of-the-iot-security-market-report-2017-2022/.
[166]
Curated Intel, “Initial-Access-Broker-Landscape,” 2021, https://github.com/curated-intel/Initial-Access-Broker-Landscape.
[167]
Identity Defined Security Alliance, “2022 Trends in Securing Digital Identities,” IDSA, New Delhi, India, 2022, Technical report.

Published In

Security and Communication Networks, Volume 2023
2023
2370 pages
ISSN: 1939-0114
EISSN: 1939-0122
This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Publisher

John Wiley & Sons, Inc.

United States

Publication History

Published: 01 January 2023

Qualifiers

  • Research-article
