Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Security incidents on the Internet, 1989--1995

Conference ·
OSTI ID:677057
This paper presents an analysis of trends in Internet security based on an investigation of 4,299 Internet security-related incidents reported to the CERT{reg_sign} Coordination Center (CERT{reg_sign}/CC) from 1989 through 1995. Prior to this research, knowledge of actual Internet security incidents was limited and primarily anecdotal. This research: (1) developed a taxonomy to classify Internet attacks and incidents, (2) organized, classified, and analyzed CERT{reg_sign}/CC incident records, (3) summarized the relative frequency of the use of tools and vulnerabilities, success in achieving access, and results of attacks, (4) estimated total Internet incident activity, (5) developed recommendations for Internet users and suppliers, and (6) developed recommendations for future research. With the exception of denial-of-service attacks, security incidents were found to be increasing at a rate less than Internet growth. Estimates showed that most, if not all, severe incidents were reported to the CERT{reg_sign}/CC, and that more than one out of three above average incidents (in terms of duration and number of sites) were reported. Estimates also indicated that a typical Internet site was involved in, at most, around one incident (of any kind) per year, and a typical Internet host in, at most, around one incident in 45 years. The probability of unauthorized privileged access was around an order of magnitude less likely. As a result, simple and reasonable security precautions should be sufficient for most Internet users.
Research Organization:
Sandia National Labs., Livermore, CA (United States)
Sponsoring Organization:
USDOE Assistant Secretary for Management and Administration, Washington, DC (United States)
DOE Contract Number:
AC04-94AL85000
OSTI ID:
677057
Report Number(s):
SAND--98-8497C; CONF-980723--; ON: DE98052851
Country of Publication:
United States
Language:
English

Similar Records

Security and Privacy Grand Challenges for the Internet of Things
Conference · Thu Aug 20 00:00:00 EDT 2015 · OSTI ID:1314417
A common language for computer security incidents
Technical Report · Thu Oct 01 00:00:00 EDT 1998 · OSTI ID:751004
Quantifying the Spectrum of Denial-of-Service Attacks through Internet Backscatter
Journal Article · Sat Dec 31 23:00:00 EST 2016 · OSTI ID:1544376

Related Subjects

99 GENERAL AND MISCELLANEOUS
CLASSIFICATION
HUMAN INTRUSION
INTERNET
RECOMMENDATIONS
SECURITY