Attacks on computing system security have different levels of detectability. Some attacks on computing system security have consequences which are relatively easy to detect, such as distributed denial of service (DDOS) attacks or physical attacks such as bombs, earthquakes, or power grid shutdowns. Other attacks are surreptitious, such as data theft or malware infection, and their consequences may go undetected for a long time or until a large portion of the computing system is implicated, or both. Note that the word “attack” is used broadly herein to cover both intended threats (e.g., bombs, DDOS attacks) and unintended threats (e.g., earthquakes, software bugs) to the desired and authorized operation of the computing system. Note also that detecting the consequences of an attack is not necessarily identical with detecting the nature of the attack, much less detecting the source of the attack.
Attacks on computing system security also take many different forms. Some attacks rely mainly or entirely on overcoming, tricking, or evading software protections, such as anti-malware software, firewalls, or encryption. Other attacks rely in some critical way on overcoming, tricking, or evading human precautions, such as the prevalent human suspicion of email that presents an offer that seems too good to be true.
New attacks on computer security are continually being developed and put into use by criminal, malicious, or underground individuals and organizations. As computing systems continue to grow in size, in complexity, and in their fields of use, new vulnerabilities emerge. Accordingly, new technologies for detecting attacks on computing system security are worth careful consideration.