Welcome to Attack Patterns. For several years I've been doing research into improving software security through improving the development process. Part of that research is into patterns that apply to software security. Chief amongst these patterns are Attack Patterns. Additionally, there are two other forms of software-security-oriented patterns: Security Patterns and Defensive Coding Patterns.
Attack Patterns (APs) as used in this context are not trends in software viruses or hacking attempts. Attack Patterns as defined here are:
Attack Pattern:
- "A series of repeatable steps that can be applied in a consistent and reliable manner to simulate an attack against a software system."
From the development life cycle end of the spectrum there are two categories of attack patterns, Architectural and Physical. Architectural attack patterns are used to attack flaws in the architectural design of the system. These are things like attacks against weaknesses in protocols, authentication strategies, and system modularization. These are more logical-level attacks than actual bit-manipulation attacks. Physical attack patterns are targeted at the code itself. These are things such as SQL Injection attacks, Buffer Overflows, race conditions, and the more common forms of attacks that have become popular in the news and with script kiddies.
There is a third category of attack patterns that are independent, such as Trojan Horse attacks, viruses, and worms. These are not something that you can design out of your product. They operate outside and independent of any particular product. However, vulnerabilities in a product can lead to these other attacks being successful, or at a minimum facilitate these attacks on a system hosting the vulnerable product. For example, the vulnerable edition of SQL Server allowed the Slammer worm to propagate itself. The worm itself can’t be designed out, but the vulnerability in the product can be.
Attack Patterns are most useful for testing purposes, but are also very important for ensuring that proper architecture design and coding techniques are used to prevent potential vulnerabilities. The APs themselves can be used to highlight areas of a software application that need to be considered for securing. They also provide, either physically or by reference, the common solution pattern for preventing the vulnerability. This itself can lead to another category of patterns, Defensive Coding Patterns, which we will also cover on this web site.
There are many commonly accepted patterns in software design and development. These are very familiar to software professionals. So, to be useful and to reduce any learning curve introduced by Attack Patterns, keeping the pattern structure as close as possible to existing patterns is preferable. However, due to their nature, some deviation from standardised pattern languages such as those used by the GoF and Martin Fowler may be necessary.