Understanding the World of Your Enemy With I-CAT (Internet-Categorization of Attacks Toolkit)
Peter M. Mell
Security professionals need to understand the attacks and vulnerabilities utilized by hackers to penetrate and shut down computer systems. However, security companies that collect such knowledge share very little of it with the general security community. The result is that security professionals must use the Internet as their source of computer attack and vulnerability information. While the Internet is a rich source of such information, the data is disorganized, distributed, and unverified. Because of the difficulty of collecting attack and vulnerability information on the Internet, security organizations spend an enormous amount of money sifting through the data. We are trying to mitigate this problem with the Internet- Categorization of Attacks Toolkit (I-CAT). I-CAT is a tool that allows security professionals to quickly glean attack and vulnerability information off the Internet. I-CAT has three main services: attack description lookup, statistics on the popularity of attacks, and measurements of current trends in attack publication. These three services will enable a security professional to determine what kinds of attacks are available, what specific attacks are popular, and how to find information on the published attacks.
Understanding the World of Your Enemy With I-CAT (Internet-Categorization of Attacks Toolkit), National Information Systems Security Conference, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=151185
(Accessed March 5, 2024)