Internet-based security incidents and the potential for false alarms |
The provision of security represents an important consideration for Internet-based systems and media reports suggest that certain sites experience a significant number of remote attacks. However, the validity of such claims depends upon what type of event is considered to constitute an attack and whether an attempted security breach would be the only explanation for its occurrence.
Evans MP, Furnell SM
The paper explains the background to experimental work that was conducted with the aim of measuring aspects of the WWW (specifically the average lifetime of a web link and the impact of the ?Millennium Bug?), but which inadvertently caused two perceived security breaches on remote systems. The paper explains the nature of these incidents and considers why, when over 700,000 IP addresses were randomly sampled in the experimental study, only two sites considered the activity to be an attempt to breach their security. It is concluded that, while the appropriate protection of Internet-based systems is undoubtedly of importance, the problems experienced during the experimental study suggest a lack of uniformity in what different organisations will class as a security breach.