Analytic Attacks |
Attack Pattern ID: 281 (Meta Attack Pattern Completeness: Stub) | Typical Severity: Medium | Status: Draft |
Summary
An attacker performs an analysis of a target system, protocol, message, or application in order to overcome protections on the target or as a precursor to other attacks. Analysis can involve dissection of an application, analysis of message patterns, formal analysis of protocols, or other methods. The outcome of these attacks can be disclosure of sensitive information, or disclosure of security configuration that leads to further attacks targeted to discovered weaknesses.
Any entity that can be observed by an attacker could potentially be vulnerable to an analysis attack.
Most analysis attacks require tools in order to collect information about the target. For example, scanning suites and packet sniffers might be used to analyze a web service or protocol. Moreover, following collection of information, some attacks require additional tools in order to process the discovered data. Cryptanalysis applications are one example of such tools. Finally, some of these attacks require a high level of sophistication on the part of an attacker in order to extract useful results from collected information.
Implementation: When possible, minimize the information a system displays about itself, including minimizing unnecessary information in error messages and other descriptive messages.
Design: Utilize techniques to minimize covert information. For example, intentionally throttling network throughput can hide an entities true throughput potential.
Nature | Type | ID | Name | Description | View(s) this relationship pertains to |
---|---|---|---|---|---|
ChildOf | Category | 210 | Abuse of Functionality | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 97 | Cryptanalysis | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 167 | Lifting Sensitive Data from the Client | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 169 | Footprinting | Mechanism of Attack (primary)1000 | |
ParentOf | Attack Pattern | 188 | Reverse Engineering | Mechanism of Attack (primary)1000 | |
ParentOf | Category | 224 | Fingerprinting | Mechanism of Attack1000 |