Analysis of the Computer and Network Attack Taxonomy

The Air Force's dependence on the Internet continues to increase daily. The Internet has become a staple of the office environment along side the telephone, the fax machine, and the computer. However, this increased dependence comes with risks. The popularity and potential of the Internet attracts users with illegal as well as legal intentions. Since the Air Force considers the Internet an integral component of its Information Operations strategy, the Air Force must be confident that it can trust the security of this component. Therefore, reliable methods and information that helps the Air Force classify the risks associated with the Internet can help the Air Force determine the best processes to assure the security of its use of this resource. This thesis examines the computer and network attack taxonomies developed by John Howard. Howard developed the taxonomy to help him classify Internet security incidents as part of his doctoral research and as part of a follow-on project to develop a common language for computer security. The taxonomy is a possible method that the Air Force can use to help it classify Internet security attacks and incidents. This researcher concluded that the computer and network attack taxonomies were satisfactory. The questionnaire respondents appeared to prefer the 1998 version more. In addition, this study offers several areas of improvement to the taxonomy that can help it become more widely accepted. This researcher also concluded that organizations responsible for the collection and distribution of Internet security information, do explicitly collect some, but not all, information useful as input into the taxonomy.