Skip to end of banner
Go to start of banner

A Classification of IAM Related Incident Classes (Research Note - IAM)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Context

IAM

Title

A Classification of IAM Related Incident Classes

Version

1.0 EARLY DRAFT

Summary

In order to enable the measurement of IAM related, it is necessary to establish a classification of IAM related incident classes. This page is a placeholder where to progressively consolidate references to IAM related incident classes.

See Also

TODO

Approach

In order to enable the measurement of IAM related, it is necessary to establish a classification of IAM related incident classes. At this point, this page is a placeholder where references to IAM related incident classes are progressively inventories. It is by no mean complete.

Call for contributions

If you are aware of classes not yet referenced on this page or if you are aware of complementary source references, please let us know and contribute.

Classification

Class

Definition

Sources

Phishing

Class: Information Gathering

Attempt to gather information on a user or a system through phishing methods.

Including;

  • Mass emailing aimed at collecting data for phishing purposes with regard to the victims (Dissemination of phishing emails: Art. 7 [H], Art. 7 [G])

  • Hosting web sites for phishing purposes (Hosting of phishing sites: Art. 7 [F]

ENISA and Europol EC3, 2017

Login attempt

Class: Intrusion Attempt and Intrusion

Attempt to log in to services or authentication / access control mechanisms.

Including:

  • Unsuccessful login by using sequential credentials for gaining access to the system (Brute-force attempt:, Art. 2, 6 and 11 [A] - Art. 3,7 and 8 [F])

  • Unsuccessful acquisition of access credentials by breaking the protective cryptographic keys. (Password cracking attempt: - Art. 2, 6 and 11 [A] - Art. 3,7 and 8 [F])

  • Unsuccessful login by using system access credentials previously loaded into a dictionary. (Dictionary attack attempt: - Art. 2, 6 and 11 [A] - Art. 3,7 and 8 [F])

ENISA and Europol EC3, 2017

Unauthorised access to a system or component by bypassing an access control system in place.

Class: Intrusion

Type: (Successful) Exploitation of vulnerability

Actual intrusion by exploiting vulnerability in the system, component or network.

Unauthorised access to a system or component by bypassing an access control system in place. (Control system bypass: (Art. 2 [A], Art. 3 and 7 [F])

ENISA and Europol EC3, 2017

Compromising an account

Class: Intrusion

Actual intrusion in a system, component or network by compromising a user or administrator account.

Unauthorised access to a system or component by using stolen access credentials. (Theft of access credentials: Art. 6 [A], Art. 3 and 7 [F])

ENISA and Europol EC3, 2017

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.