![]() This table shows the views that this attack pattern belongs to and top level categories within that view. However, it wasn't until the late 1980s that the first documented case of exploiting a buffer overflow had occurred, where the UNIX 'finger' service was exploited with a stack overflow to further spread the Morris worm. A standard level attack pattern is a specific type of a more abstract meta level attack pattern. History Buffer overflows date back to the 1970s. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. ![]() It is often seen as a singular piece of a fully executed attack. Standard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.īuffer Overflow in Local Command-Line Utilitiesīuffer Overflow via Environment VariablesĬlient-side Injection-induced Buffer Overflow Overview of Buffer Overflow Attacks A buffer overflow can occur when a process (as a result of programming error) attempts to store data beyond the limits of a fixed-size buffer and consequently overwrites adjacent memory locations. When a programmer writes software that expects. ![]() Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A buffer overflow attack is perhaps the most common system compromise in the history of computing security. Meta level attack patterns are particularly useful for architecture and design level threat modeling exercises.ĭetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. A meta level attack pattern is a generalization of related group of standard level attack patterns. A meta attack pattern is often void of a specific technology or implementation and is meant to provide an understanding of a high level approach. Meta Attack Pattern - A meta level attack pattern in CAPEC is a decidedly abstract characterization of a specific methodology or technique used in an attack.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |