Hacking Framework Extended: The Role of Vulnerabilities
Joseph H. Schuessler, Bahorat Ibragimova
8th Annual Security Conference, Las Vegas, Nevada, April 15th & 16th 2009


In view of all the deadly computer viruses that have been spreading lately, Weekend Update would like to remind you: when you link up to another computer, you're linking up to every computer that that computer has ever linked up to. — Dennis Miller

Introduction – Literature Review – Methodology – Results - Conclusions

Motivation

• Origin of Threats

• Costs associated with breaches

• Hacking Framework

Conceptual Model

[Figure: conceptual model showing the constructs below, with their data sources, linked by hypothesized paths H1 through H9]

• Number of Broadband Connections: www.fcc.gov

• Reconnaissance: www.us-cert.gov

• Malicious Code: www.us-cert.gov

• User Compromise: www.us-cert.gov

• Vulnerability: icat.nist.gov

Other figure label: Environment

Hacking Framework

• Reconnaissance

• Number of Broadband Connections

• Malicious Code

• User Compromise

• Vulnerabilities

Hypotheses

Hypothesis

H1 There is a positive relationship between broadband connections and reconnaissance activities.

H2 There is a positive relationship between reconnaissance activities and malicious code incidents.

H3 There is a positive relationship between broadband connections and user compromise.

H4 There is a positive relationship between reconnaissance and user compromise.

H5 There is a positive relationship between malicious code and user compromise.

H6 There is a positive relationship between malicious code and broadband connections.

H7 There is a positive relationship between reconnaissance and system vulnerabilities.

H8 There is a positive relationship between system vulnerabilities and malicious code incidents.

H9 There is a positive relationship between system vulnerabilities and user compromise.

Data Analysis

• Archival Data:
  – ICAT Database maintained by the NIST
  – Federal Communications Commission (FCC)
  – United States Computer Emergency Readiness Team (CERT/CC)

• SmartPLS

Research Model

[Figure: research model with the R² value of each construct and the standardized path coefficients]

• Number of Broadband Connections: R² = .000

• Reconnaissance: R² = .053

• Malicious Code: R² = .658

• User Compromise: R² = .129

• Vulnerability: R² = .007

Other figure label: Environment

Path coefficients shown in the figure: .229, -.085, .297, -.071, .744, -.033, .248, .008, .185

Hypotheses

| Hypotheses | Independent Variable | Dependent Variable | Standardized Path Coefficient | Significance Level | Support (α = .10) |
|---|---|---|---|---|---|
| H1 | Broadband Connections | Reconnaissance | .229 | .027 | √ |
| H2 | Reconnaissance | Malicious Code | .744 | .008 | √ |
| H3 | Broadband Connections | User Compromise | .248 | .010 | √ |
| H4 | Reconnaissance | User Compromise | -.008 | .491 | X |
| H5 | Malicious Code | User Compromise | -.071 | .425 | X |
| H6 | Broadband Connections | Malicious Code | .185 | .022 | √ |
| H7 | Reconnaissance | Vulnerabilities | -.085 | .103 | X |
| H8 | Vulnerabilities | Malicious Code | -.033 | .117 | X |
| H9 | Vulnerabilities | User Compromise | .297 | .050 | √ |

Conclusions

• User Compromise

• Other Predictors

• Vulnerability Types

Questions

• Contact Information:
  – Joseph H. Schuessler
  – 2122 W Prairie
  – Denton, Texas 76201
  – [email protected]
  – http://joseph.schuesslersounds.com
