Accession Number : ADA325125

Title :   Threat Assessment of Malicious Code and External Attacks,

Corporate Author : NATIONAL INST OF STANDARDS AND TECHNOLOGY GAITHERSBURG MD

Personal Author(s) : Bassham, Lawrence E. ; Polk, W. T.

PDF Url : ADA325125

Report Date : OCT 1992

Pagination or Media Count : 24

Abstract : This report provides an assessment of the threats associated with malicious code and external attacks on systems using commercially available hardware and software. The history of the threat is provided and current protection methods described. A projection of the future threats for both malicious code and human threats is also given. Today, computer systems are under attack from a multitude of sources. These range from malicious code, such as viruses and worms, to human threats, such as hackers and phone "phreaks." These attacks target different characteristics of a system. This leads to the possibility that a particular system is more susceptible to certain kinds of attacks. Malicious code, such as viruses and worms, attack a system in one of two ways, either internally or externally. Traditionally, the virus has been an internal threat, while the worm, to a large extent, has been a threat from an external source. Human threats are perpetrated by individuals or groups of individuals that attempt to penetrate systems through computer networks, public switched telephone networks or other sources. These attacks generally target known security vulnerabilities of systems. Many of these vulnerabilities are simply due to configuration errors.

Descriptors :   *ELECTRONIC SECURITY, COMPUTER PROGRAMS, CONTROL, REQUIREMENTS, MANAGEMENT, ATTACK, VULNERABILITY, PLANNING, CONFIGURATIONS, THREAT EVALUATION, HISTORY, PROTECTION, COMMERCIAL EQUIPMENT, ACCESS, EXTERNAL, COMPUTER NETWORKS, TECHNOLOGY FORECASTING, WORMS, INFORMATION SCIENCES, COMPUTER VIRUSES.

Subject Categories : Defense Systems

Distribution Statement : APPROVED FOR PUBLIC RELEASE