Common Attack Pattern Enumeration and Classification (CAPEC™)

In the CyberSecurity Operations course there are mutiple descriptions of attack patterns. CAPEC is a good source to understand cyber attacks.

The objective of the Common Attack Pattern Enumeration and Classification (CAPEC™) effort is to provide a publicly available catalog of common attack patterns classified in an intuitive manner, along with a comprehensive schema for describing related attacks and sharing information about them.

Some Well-Known Attack Patterns:
HTTP Response Splitting (CAPEC-34) Session Fixation (CAPEC-61) Cross Site Request Forgery (CAPEC-62) SQL Injection (CAPEC-66) Cross-Site Scripting (CAPEC-63) Buffer Overflow (CAPEC-100) Clickjacking (CAPEC-103) Relative Path Traversal (CAPEC-139) XML Attribute Blowup (CAPEC-229)

For an experienced security engineer, the value of an attack pattern is not that it presents a new idea, but that it helps communicate a common idea with others. If you and a colleague all know what clickjacking is, then you can communicate a lot by saying: "This attack leverages clickjacking."

This information when captured in such a formalized way can bring considerable value to security considerations for cyber-enabled capabilities through all phases of the development lifecycle and other security-related activities, including:

Requirements Gathering – Identification of relevant security requirements, misuse and abuse cases.
Architecture and Design – Provide context for architectural risk analysis and guidance for security architecture.
Implementation and Development – Prioritize and guide review activities.
Testing and Quality Assurance – Provide context for appropriate risk-based and penetration testing.
System Operation – Leverage lessons learned from security incidents into preventative guidance
Policy and Standard Generation – Guide the identification of appropriate prescriptive organizational policies and standards.

Of course, attack patterns are not the only useful tool for building secure cyber-enabled capabilities. Many other tools, such as misuse/abuse cases, security requirements, threat models, knowledge of common weaknesses and vulnerabilities, and attack trees, can help. Attack patterns play a unique role amid this larger architecture of security knowledge and techniques.

Source URL: http://capec.mitre.org/about/index.html

Posted at 08:08 PM in Trends | Permalink

Comments

You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Post a comment

Your Information

(Name and email address are required. Email address will not be displayed with the comment.)

Name is required to post a comment

Please enter a valid email address

Invalid URL

vzw BiASC asbl

Categories

Friday, 05 January 2018