Software Engineering, International Conference on (2003)
May 3, 2003 to May 10, 2003
Richard A. Kemmerer , University of California Santa Barbara
As more business activities are being automated and an increasing number of computers are being used to store sensitive information, the need for secure computer systems becomes more apparent. This need is even more apparent as systems and applications are being distributed and accessed via an insecure network, such as the Internet. The Internet itself has become critical for governments, companies, financial institutions, and millions of everyday users. Networks of computers support a multitude of activities whose loss would all but cripple these organizations. As a consequence, cybersecurity issues have become national security issues. Protecting the Internet is a difficult task.<div></div> Cybersecurity can be obtained only through systematic development; it can not be achieved through haphazard seat-of-the-pants methods. Applying software engineering techniques to the problem is a step in the right direction. However, software engineers need to be aware of the risks and security issues associated with the design, development, and deployment of network-based software.<div></div> This paper introduces some known threats to cybersecurity, categorizes the threats, and analyzes protection mechanisms and techniques for countering the threats. Approaches to prevent, detect, and respond to cyber attacks are also discussed.
R. A. Kemmerer, "Cybersecurity," Software Engineering, International Conference on(ICSE), Portland, Oregon, 2003, pp. 705.