A Taxonomy For Network Vulnerabilities

The number of reported vulnerabilities is dramatically rising every year. in addition, the combination ofdifferent kinds of network devices, services and applications in a complex manner lead to increase the complexity ofvulnerabilities. increasing the number of vulnerabilities and their complications show the importance of vulnerabilitytaxonomies which could provide a common language for defining vulnerabilities and help analyze and assess them.both the advantages of using vulnerability taxonomies and the features of the taxonomies that have ever beensuggested encouraged us to offer the new network vulnerability taxonomy. our proposed taxonomy is a multidimensionaland hierarchical taxonomy which classifies network vulnerabilities based on their location, cause andimpact. these are three dimensions of our taxonomy. we use itu-t x-805 security architecture to provide acomprehensive layered classification for the location dimension and also use common weakness enumeration (cwe)project to provide a complete layered classification for the cause dimension of the proposed taxonomy. finally, weevaluate our taxonomy based on taxonomy requirements. in addition, to demonstrate the usefulness of our taxonomy,a case study applies the taxonomy to a number of network vulnerabilities. we also use this taxonomy to analyzenetwork vulnerabilities. the result of our analysis is a matrix that demonstrates the distribution of networkvulnerabilities based on their causes, locations and impacts. in addition to offering a taxonomy that is specific tonetwork vulnerabilities and is beneficial for analyzing network vulnerabilities by covering almost all possiblecombinations of causes, locations, and impacts, we also introduce and consider network activities in the classificationof location dimension for the first time.