Analytic Attacks
Attack Pattern ID: 281 (Meta Attack Pattern Completeness: Stub)
Typical Severity: Medium
Status: Draft
+ Description

Summary

An attacker performs an analysis of a target system, protocol, message, or application in order to overcome protections on the target or as a precursor to other attacks. Analysis can involve dissection of an application, analysis of message patterns, formal analysis of protocols, or other methods. The outcome of these attacks can be disclosure of sensitive information, or disclosure of security configuration that leads to further attacks targeted to discovered weaknesses.

+ Attack Prerequisites

Any entity that can be observed by an attacker could potentially be vulnerable to an analysis attack.

+ Resources Required

Most analysis attacks require tools in order to collect information about the target. For example, scanning suites and packet sniffers might be used to analyze a web service or protocol. Moreover, following collection of information, some attacks require additional tools in order to process the discovered data. Cryptanalysis applications are one example of such tools. Finally, some of these attacks require a high level of sophistication on the part of an attacker in order to extract useful results from collected information.

+ Solutions and Mitigations

Implementation: When possible, minimize the information a system displays about itself, including minimizing unnecessary information in error messages and other descriptive messages.

Design: Utilize techniques to minimize covert information. For example, intentionally throttling network throughput can hide an entity's true throughput potential.
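
One way to apply the Implementation mitigation above in a web service, shown as an added example that is not part of the original entry. The helper name, the header list, and the sample response are assumptions constructed for illustration.

```python
import logging
import uuid

log = logging.getLogger("app.errors")

# Headers that describe the server stack rather than the response itself.
# Illustrative list (an assumption); extend it for your own deployment.
DESCRIPTIVE_HEADERS = {"server", "x-powered-by", "x-aspnet-version"}
GENERIC_BODY = "The request could not be completed."


def minimize_response(status, headers, body, exc=None):
    """Return (status, headers, body) that is safe to send to a client.

    Hypothetical helper: strips self-describing headers from every response
    and replaces the body of any server-side failure with a generic message.
    """
    safe_headers = {k: v for k, v in headers.items()
                    if k.lower() not in DESCRIPTIVE_HEADERS}
    if status < 500 and exc is None:
        return status, safe_headers, body
    # Failure path: full detail stays in the server log, keyed by an opaque
    # reference the client can quote to support staff.
    ref = uuid.uuid4().hex[:12]
    log.error("ref=%s status=%s detail=%r", ref, status, body, exc_info=exc)
    return max(status, 500), safe_headers, f"{GENERIC_BODY} Reference: {ref}"


def demo():
    # Constructed sample: a response leaking stack, version and host details.
    headers = {"Server": "ExampleHTTPd/1.2.3",
               "X-Powered-By": "ExampleFramework 4.5",
               "Content-Type": "text/plain"}
    body = ("Traceback (most recent call last): ... "
            "ConnectionError: cannot reach db01.internal.example:5432")
    return minimize_response(500, headers, body)


if __name__ == "__main__":
    print(demo())
```

The client receives only the generic message and a reference, while the original detail remains available to operators in the error log.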

+ Related Weaknesses
| CWE-ID | Weakness Name | Weakness Relationship Type |
|--------|---------------|----------------------------|
| 330 | Use of Insufficiently Random Values | Secondary |
| 514 | Covert Channel | Secondary |
| 200 | Information Exposure | Secondary |

+ Related Attack Patterns
| Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
|--------|------|----|------|-------------|----------------------------------------|
| ChildOf | Category | 210 | Abuse of Functionality | | Mechanism of Attack (primary) 1000 |
| ParentOf | Attack Pattern | 97 | Cryptanalysis | | Mechanism of Attack (primary) 1000 |
| ParentOf | Attack Pattern | 167 | Lifting Sensitive Data from the Client | | Mechanism of Attack (primary) 1000 |
| ParentOf | Attack Pattern | 169 | Footprinting | | Mechanism of Attack (primary) 1000 |
| ParentOf | Attack Pattern | 188 | Reverse Engineering | | Mechanism of Attack (primary) 1000 |
| ParentOf | Category | 224 | Fingerprinting | | Mechanism of Attack 1000 |