Exploit Potential

AS STATED, communications security is protection of access to an item—or datum of meaning. Wherein access (social form) is defined as the ability of an actor to see/find/contact, open/know and/or change/edit/use an item.

As explained, we found that on a network computer—security—is all about protecting copies of datums—whereby we can have three possible types named as Primary, Secondary and Tertiary Copies.

Assumed has been that we are (typically) protecting a private/secret-datum which is to be securely communicated from one party to another.

In other words, we are dealing with the case whereby one wishes to maintain restricted social access to a datum (Privacy Status); being a status that must be preserved/defended; and so we wish to avoid instances of an unwarranted party being able to make an illegitimate copy of said datum and/or to open up the inner contents of this item to extract meaning.


Exploit Pathways

It is salient to picture a generalised hacking procedure; and we can begin our analysis using the Cybersecurity System Access Diagram.

 

Infographic_A7

SCF 1.0 – InfoGraphic A

Cybersecurity System Access Gateways

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

 

In order to break-into a network security system, a ‘hacker’ must obtain access to a primary, secondary or tertiary copy—existing on a Primary, Secondary or Tertiary Network. In order to do so, the intruder must first contact with the copy’s FORM on a related media of Storage, Transfer or Access—existing within the boundaries of said network.

Next the intruder must traverse (pass-through) this same Physical Gateway, before opening a Virtual Gateway to obtain an intact copy of the datum in its raw form. Finally in order to open up the datum-copy’s inner meaning (CONTENT) all existing Meaning Gateway(s) must be opened (in the correct order)—being of the Metrical, Selectional and Descriptive types.

Ergo—it is important to realise, that for any party to gain access to a protected datum-copy; then all of these steps—Physical Gateway, Virtual Gateway and Meaning Gateway(s) must be successfully traversed for a successful ‘exploit’ or ‘hack’. Note that accordingly—each Attack Surface in question is normally defended by some means (basically by locking, blocking or concealing the gateway in question). QED.


Taxonomy of Cyber-Threats

Now within the boundaries of this logical analysis—it is possible to develop a taxonomy of all the classes of Cyber-threats that are possible in a nominal network communications security system.

We can begin such an analysis by examining all of the different Form and Meaning facets of a Copy that can exist on said network communications system; as shown in the Venn diagram below. This diagram teaches how any particular System-Entry Method or Access Gateway comes to be; and illustrates its most basic aetiology.

 

Infographic_G6

SCF 1.0 – InfoGraphic G

Venn Diagram

Cybersecurity System Access Gateways

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

 

Moving on, and by means of an exhaustive analysis of all the different ways in which a Datum Copy can some to exist on a Networked Communications System; we are able to break-down and identify all of the different ways in which an Attacker can try to gain access to a Private or Secret Datum present on the same system (see related analysis presented under the Countermeasures section).

Accordingly, we have listed all possible classes of Cyber-threats in the diagram below named: Taxonomy of Cyber-Threats and Effective Countermeasures. We note that this diagram provides a useful summary of the results of all the theoretical work laid out on the present site.

Infographic_H10b

SCF 1.0 – InfoGraphic H (Version 1.0)

Taxonomy Of Cyberthreats And Effective Countermeasures

Source: ‘The Science Of Cybersecurity’ and this site (2017) – by Alan Radley

Cybersecurity Exploit Potential (Equation Form)

Another way of assessing security system vulnerability; is in the form of a single equation; named as the Cybersecurity Exploit Potential.

Such an analysis provides a neat quantitive measure of the likelihood of a nominal Cybersecurity system being ‘hacked’; whilst offering a useful starting point from which to begin a more detailed security analysis of any real-world system.

 

Computer / Application / Networked System (typical) =

Primary-Network + Secondary-Network(s) + Tertiary-Network(s)—(A)

 

Total number of datum-copies held on a single network [N (media)]:

N (media) = sum total of all media copies (permanent/transitory).

N (media) = N (Transfer Media) + N (Storage Media) + N (Access Media)—(B)

 

Total number of datum-copies on all networks (single system) [N (total)]: 

N (total) = sum total of all copies, for all networks, on all media.

N (total) = N (Primary) [N (transfer) + N (storage) + N (access )]

                 + N (Secondary(s)) [N (transfer) + N (storage) + N (access )]

                 + N (Tertiary(s)) [N (transfer) + N (storage) + N (access )]—(C)

 

Access Pathway: AP [for a single datum held on a single media] =

Actor must traverse a specific pathway to access a datum-copy.

AP = Physical Gateway(s) + Virtual Gateway(s) + Meaning Gateway(s)—(D)

 

Total Number of Access Pathway(s) for all datum-copies [N (AP)]:

N (AP) = Integral property (summed across all media) for a specific time-period:

N (AP) = Integral of all possible Access Pathway(s) for all copies (all networks):

N (AP) = AP (total) * N (total)—(E) 

 

Exploit Potential: EP (total) =

Integral of potential copy exposure events for time-period:

EP (total) = N (AP) * UP (fractional percentage of unprotected AP(s))—(F)