In order to accurately and succinctly describe an Attack Pattern, we must have a
consistent and easily consumable way of representing the pattern to the user. Therefore
we want to try and stay close to existing pattern representations that exist in
the industry and add the necessary information to ensure we convey the pattern properly.
This will allow for easy adoption as the format is familiar. However our new Attack
Pattern structure contains different fields, and they are used quite differently
than standard software patterns.
The following is the structure for recording Attack patterns
|
1. Pattern Name |
10. Dependencies and Conditions |
|
2. Type & Subtypes |
11. Sample Attack Code |
|
3. Also Known As |
12. Existing Exploits |
|
4. Description |
13. Follow-On Attacks |
|
5. Attacker Intent |
14. Mitigation Types |
|
6. Motivation |
15. Recommended Mitigation |
|
7. Exploitable Vulnerability |
16. Related Patterns |
|
8. Participants |
17. Related Alerts, Listings and Publications |
|
9. Process Diagram |
|
Table 1 Proposed attack pattern definition
These fields are described in detail on the
Attack Pattern Fields page.