É com prazer que informamos que os artigos “A Meta-Analysis for Security Threats over the Web Ecosystem“ e “Towards a Taxonomy for Security Threats on the Web Ecosystem” ambos de autoria de Carlo Marcelo Revoredo da Silva, Jose Lutiano Costa da Silva, Ricardo Batista Rodrigues, Daniel Couto Gatti, Pericles Cunha Barbosa de Miranda, Kellyton dos Santos Brito, Leandro Marques do Nascimento, Rodrigo Elia Assad, Ruy José Guerra Barreto de Queiroz e Vinicius Cardoso Garcia foram aceitos para apresentação no IEEE/IFIP Network Operations and Management Symposium (NOMS 2016), que vai ser realizado entre os dias 25 a 29 de Abril de 2016 na cidade de Istambul.
O abstract dos artigos são os seguintes:
A Meta-Analysis for Security Threats over the Web Ecosystem: This article presents an analysis on the attacks related to the sensitive data breach in the Web ecosystem. The study is based on an Meta-Analysis which identified the significance of 21 years of relevant contributions to the subject. Considering the results we elaborate two contributions: (i) we group attacks according to their behavior and (ii) we reveal the most serious emerging attacks. Additionally, we present our critical sense in relation to an overall perspective on the results.
Towards a Taxonomy for Security Threats on the Web Ecosystem: The aim of this paper is to present a taxonomy for security threats on the Web ecosystem. We proposes a classification model based on 21 vectors divided into 8 distinct security threats, making use of levels of abstraction and criteria for discrimination which consider propagation and similarity in vulnerabilities. We also propose to estimate the risk factor and impacts on assets, considering data breaches, human aspects and service reliability. In addition, we validate the taxonomic model proposed through the catalogues of attacks facing the public. Thus, it was possible to observe its applicability for most of the attacks which appear before the public.
Maiores informações sobre o primeiro trabalho podem ser encontradas no post Uma Meta-Análise sobre Ameaças à Segurança no Ecossistema Web.