Monday, August 22, 2011

Classifying Hacking in 4D: Impact, Illegality, Evilness and Complexity

This chart is an attempt to classify hacking events and methods with something more than the simple black, white and grey hat hacking classification. After looking through a number of different possible attributes, the ones I came up with were the following, each rated on a scale of 0 to 10.
    what sort of damage has been done to systems or to finances. a score of 0 means an improvement was made to the system due to the hack.
    where on the legal scale does the event lie in the range of 100% legal to 100% illegal, or it might be a bit of a "grey area"?
    yes, a bit subjective I know, but can we generalize that the motivation of the attacker is good, evil or maybe something in between?
    how complex was the attack, is it a simple DDOS or an advanced threat like an online banking password stealing botnet?
Please note that this is just the first draft of the chart, and I've guesstimated the above data as best as I could. This is an attempt to see how the chart feels when classifying hacking methods.

Any comments would be most appreciated.

Follow @dodgy_coder

Subscribe to posts via RSS

No comments:

Post a Comment