Class: AttackPattern
An attack pattern is an abstraction mechanism for helping describe how an attack is
executed. Each pattern defines a challenge that an attacker may face, provides a
description of the common technique(s) used to meet the challenge, and presents
recommended methods for mitigating an actual attack. Attack patterns help categorize
attacks in a meaningful way in an effort to provide a coherent way of teaching
designers and developers how their systems may be attacked and how they can effectively
defend them.
URI: capec:AttackPattern
classDiagram
class AttackPattern
click AttackPattern href "../AttackPattern/"
AttackPattern : abstraction
AttackPattern --> "1" AbstractionEnum : abstraction
click AbstractionEnum href "../AbstractionEnum/"
AttackPattern : alternate_terms
AttackPattern --> "*" AlternateTerm : alternate_terms
click AlternateTerm href "../AlternateTerm/"
AttackPattern : consequences
AttackPattern --> "*" Consequence : consequences
click Consequence href "../Consequence/"
AttackPattern : content_history
AttackPattern --> "0..1" ContentHistory : content_history
click ContentHistory href "../ContentHistory/"
AttackPattern : description
AttackPattern : example_instances
AttackPattern : execution_flow
AttackPattern --> "*" AttackStep : execution_flow
click AttackStep href "../AttackStep/"
AttackPattern : extended_description
AttackPattern : id
AttackPattern : indicators
AttackPattern : likelihood_of_attack
AttackPattern --> "0..1" LikelihoodEnum : likelihood_of_attack
click LikelihoodEnum href "../LikelihoodEnum/"
AttackPattern : mitigations
AttackPattern : name
AttackPattern : notes
AttackPattern --> "*" Note : notes
click Note href "../Note/"
AttackPattern : prerequisites
AttackPattern : references
AttackPattern --> "*" Reference : references
click Reference href "../Reference/"
AttackPattern : related_attack_patterns
AttackPattern --> "*" RelatedAttackPattern : related_attack_patterns
click RelatedAttackPattern href "../RelatedAttackPattern/"
AttackPattern : related_weaknesses
AttackPattern : resources_required
AttackPattern : skills_required
AttackPattern --> "*" Skill : skills_required
click Skill href "../Skill/"
AttackPattern : status
AttackPattern --> "1" StatusEnum : status
click StatusEnum href "../StatusEnum/"
AttackPattern : taxonomy_mappings
AttackPattern --> "*" TaxonomyMapping : taxonomy_mappings
click TaxonomyMapping href "../TaxonomyMapping/"
AttackPattern : typical_severity
AttackPattern --> "0..1" SeverityEnum : typical_severity
click SeverityEnum href "../SeverityEnum/"
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| id | 1 Integer |
Unique integer identifier for the entry | direct |
| name | 1 String |
Descriptive title used to give the reader an idea of what the entry represent... | direct |
| status | 1 StatusEnum |
The development and usage status level for this entry | direct |
| description | 1 StructuredText |
A high level description of the attack pattern | direct |
| notes | * Note |
Additional comments and notes about this entry that cannot be captured using ... | direct |
| content_history | 0..1 ContentHistory |
Tracks the original author of this entry and any subsequent modifications to ... | direct |
| references | * Reference |
Links to external references for further reading and insight into this entry | direct |
| taxonomy_mappings | * TaxonomyMapping |
Mappings from this entry to equivalent or related entries in taxonomies outsi... | direct |
| abstraction | 1 AbstractionEnum |
The abstraction level for this attack pattern | direct |
| extended_description | 0..1 StructuredText |
Additional details important to this attack pattern beyond what is conveyed i... | direct |
| alternate_terms | * AlternateTerm |
One or more other names by which this attack pattern may be known | direct |
| likelihood_of_attack | 0..1 LikelihoodEnum |
An overall average likelihood value for attacks that leverage this attack pat... | direct |
| typical_severity | 0..1 SeverityEnum |
An overall average severity value for attacks that leverage this attack patte... | direct |
| related_attack_patterns | * RelatedAttackPattern |
References to other attack patterns that give insight to similar items at hig... | direct |
| execution_flow | * AttackStep |
A detailed step-by-step flow of the attack pattern, listing the typical steps... | direct |
| prerequisites | * StructuredText |
The conditions that must exist in order for an attack leveraging this pattern... | direct |
| skills_required | * Skill |
The level of skills or specific knowledge needed by an adversary to execute t... | direct |
| resources_required | * StructuredText |
The resources (e | direct |
| indicators | * StructuredText |
Activities, events, conditions or behaviors that may indicate that an attack ... | direct |
| consequences | * Consequence |
Individual consequences associated with this attack pattern, specifying the s... | direct |
| mitigations | * StructuredText |
Actions or approaches to prevent or mitigate the risk of an attack that lever... | direct |
| example_instances | * StructuredText |
One or more concrete example instances of this attack pattern to help the rea... | direct |
| related_weaknesses | * Integer |
References to CWE weaknesses associated with this attack pattern | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| AttackPatternCatalog | attack_patterns | range | AttackPattern |
In Subsets
Identifier and Mapping Information
Annotations
| property | value |
|---|---|
| xsd_type | AttackPatternType |
| description_note | The required Description element represents a high level description of the attack pattern (no longer than a few sentences). The optional Extended_Description element provides additional details. Typical_Severity and Likelihood_Of_Attack capture average values with the understanding they will not be accurate for all attacks. |
Schema Source
- from schema: https://w3id.org/lmodel/capec
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | capec:AttackPattern |
| native | capec:AttackPattern |
| related | attack:Technique, wasc:Threat, owasp:Attack |
| close | stix:attack-pattern |
LinkML Source
Direct
name: AttackPattern
annotations:
xsd_type:
tag: xsd_type
value: AttackPatternType
description_note:
tag: description_note
value: The required Description element represents a high level description of
the attack pattern (no longer than a few sentences). The optional Extended_Description
element provides additional details. Typical_Severity and Likelihood_Of_Attack
capture average values with the understanding they will not be accurate for
all attacks.
description: 'An attack pattern is an abstraction mechanism for helping describe how
an attack is
executed. Each pattern defines a challenge that an attacker may face, provides a
description of the common technique(s) used to meet the challenge, and presents
recommended methods for mitigating an actual attack. Attack patterns help categorize
attacks in a meaningful way in an effort to provide a coherent way of teaching
designers and developers how their systems may be attacked and how they can effectively
defend them.'
in_subset:
- catalog_entries
from_schema: https://w3id.org/lmodel/capec
close_mappings:
- stix:attack-pattern
related_mappings:
- attack:Technique
- wasc:Threat
- owasp:Attack
slots:
- id
- name
- status
- description
- notes
- content_history
- references
- taxonomy_mappings
- abstraction
- extended_description
- alternate_terms
- likelihood_of_attack
- typical_severity
- related_attack_patterns
- execution_flow
- prerequisites
- skills_required
- resources_required
- indicators
- consequences
- mitigations
- example_instances
- related_weaknesses
slot_usage:
description:
name: description
annotations:
xsd_element:
tag: xsd_element
value: Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: 'A high level description of the attack pattern. The description
should be no
longer than a few sentences and should include how malicious input is initially
supplied, the weakness being exploited, and the resulting negative technical
impact. A full step-by-step description belongs in the Execution_Flow element.'
range: StructuredText
required: true
abstraction:
name: abstraction
annotations:
xsd_attribute:
tag: xsd_attribute
value: Abstraction
description: The abstraction level for this attack pattern. Defines whether this
is a Meta, Standard, or Detailed level pattern.
range: AbstractionEnum
required: true
extended_description:
name: extended_description
annotations:
xsd_element:
tag: xsd_element
value: Extended_Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: Additional details important to this attack pattern beyond what is
conveyed in the main description, but not necessary to understand the fundamental
concept.
range: StructuredText
alternate_terms:
name: alternate_terms
annotations:
xsd_element:
tag: xsd_element
value: Alternate_Terms/Alternate_Term
xsd_type:
tag: xsd_type
value: AlternateTermsType
description: One or more other names by which this attack pattern may be known.
range: AlternateTerm
multivalued: true
inlined_as_list: true
likelihood_of_attack:
name: likelihood_of_attack
annotations:
xsd_element:
tag: xsd_element
value: Likelihood_Of_Attack
xsd_type:
tag: xsd_type
value: LikelihoodEnumeration
description: An overall average likelihood value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
range: LikelihoodEnum
typical_severity:
name: typical_severity
annotations:
xsd_element:
tag: xsd_element
value: Typical_Severity
xsd_type:
tag: xsd_type
value: SeverityEnumeration
description: An overall average severity value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
range: SeverityEnum
related_attack_patterns:
name: related_attack_patterns
annotations:
xsd_element:
tag: xsd_element
value: Related_Attack_Patterns/Related_Attack_Pattern
xsd_type:
tag: xsd_type
value: RelatedAttackPatternType
description: References to other attack patterns that give insight to similar
items at higher and lower levels of abstraction.
range: RelatedAttackPattern
multivalued: true
inlined_as_list: true
execution_flow:
name: execution_flow
annotations:
xsd_element:
tag: xsd_element
value: Execution_Flow/Attack_Step
xsd_type:
tag: xsd_type
value: ExecutionFlowType
description: A detailed step-by-step flow of the attack pattern, listing the typical
steps performed by an adversary when leveraging the given technique. Usually
only applicable to Detailed abstraction level attack patterns.
range: AttackStep
multivalued: true
inlined_as_list: true
prerequisites:
name: prerequisites
annotations:
xsd_element:
tag: xsd_element
value: Prerequisites/Prerequisite
xsd_type:
tag: xsd_type
value: PrerequisitesType
description: The conditions that must exist in order for an attack leveraging
this pattern to succeed.
range: StructuredText
multivalued: true
skills_required:
name: skills_required
annotations:
xsd_element:
tag: xsd_element
value: Skills_Required/Skill
xsd_type:
tag: xsd_type
value: SkillsType
description: The level of skills or specific knowledge needed by an adversary
to execute this type of attack.
range: Skill
multivalued: true
inlined_as_list: true
resources_required:
name: resources_required
annotations:
xsd_element:
tag: xsd_element
value: Resources_Required/Resource
xsd_type:
tag: xsd_type
value: RequiredResourcesType
description: The resources (e.g., CPU cycles, IP addresses, tools) required by
an adversary to effectively execute this type of attack.
range: StructuredText
multivalued: true
indicators:
name: indicators
annotations:
xsd_element:
tag: xsd_element
value: Indicators/Indicator
xsd_type:
tag: xsd_type
value: IndicatorsType
description: Activities, events, conditions or behaviors that may indicate that
an attack leveraging this pattern is imminent, in progress, or has occurred.
range: StructuredText
multivalued: true
consequences:
name: consequences
annotations:
xsd_element:
tag: xsd_element
value: Consequences/Consequence
xsd_type:
tag: xsd_type
value: ConsequencesType
description: Individual consequences associated with this attack pattern, specifying
the security properties violated, technical impacts, and likelihoods.
range: Consequence
multivalued: true
inlined_as_list: true
mitigations:
name: mitigations
annotations:
xsd_element:
tag: xsd_element
value: Mitigations/Mitigation
xsd_type:
tag: xsd_type
value: MitigationsType
description: Actions or approaches to prevent or mitigate the risk of an attack
that leverages this attack pattern, aimed at improving system resiliency, reducing
attack surface, or reducing impact.
range: StructuredText
multivalued: true
example_instances:
name: example_instances
annotations:
xsd_element:
tag: xsd_element
value: Example_Instances/Example
xsd_type:
tag: xsd_type
value: ExampleInstancesType
description: One or more concrete example instances of this attack pattern to
help the reader understand its nature, context, and variability in practical
terms.
range: StructuredText
multivalued: true
related_weaknesses:
name: related_weaknesses
annotations:
xsd_element:
tag: xsd_element
value: Related_Weaknesses/Related_Weakness
xsd_type:
tag: xsd_type
value: RelatedWeaknessesType
description: References to CWE weaknesses associated with this attack pattern.
Any of the weaknesses (not necessarily all) may be present for the attack to
be successful.
range: integer
multivalued: true
inlined_as_list: true
Induced
name: AttackPattern
annotations:
xsd_type:
tag: xsd_type
value: AttackPatternType
description_note:
tag: description_note
value: The required Description element represents a high level description of
the attack pattern (no longer than a few sentences). The optional Extended_Description
element provides additional details. Typical_Severity and Likelihood_Of_Attack
capture average values with the understanding they will not be accurate for
all attacks.
description: 'An attack pattern is an abstraction mechanism for helping describe how
an attack is
executed. Each pattern defines a challenge that an attacker may face, provides a
description of the common technique(s) used to meet the challenge, and presents
recommended methods for mitigating an actual attack. Attack patterns help categorize
attacks in a meaningful way in an effort to provide a coherent way of teaching
designers and developers how their systems may be attacked and how they can effectively
defend them.'
in_subset:
- catalog_entries
from_schema: https://w3id.org/lmodel/capec
close_mappings:
- stix:attack-pattern
related_mappings:
- attack:Technique
- wasc:Threat
- owasp:Attack
slot_usage:
description:
name: description
annotations:
xsd_element:
tag: xsd_element
value: Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: 'A high level description of the attack pattern. The description
should be no
longer than a few sentences and should include how malicious input is initially
supplied, the weakness being exploited, and the resulting negative technical
impact. A full step-by-step description belongs in the Execution_Flow element.'
range: StructuredText
required: true
abstraction:
name: abstraction
annotations:
xsd_attribute:
tag: xsd_attribute
value: Abstraction
description: The abstraction level for this attack pattern. Defines whether this
is a Meta, Standard, or Detailed level pattern.
range: AbstractionEnum
required: true
extended_description:
name: extended_description
annotations:
xsd_element:
tag: xsd_element
value: Extended_Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: Additional details important to this attack pattern beyond what is
conveyed in the main description, but not necessary to understand the fundamental
concept.
range: StructuredText
alternate_terms:
name: alternate_terms
annotations:
xsd_element:
tag: xsd_element
value: Alternate_Terms/Alternate_Term
xsd_type:
tag: xsd_type
value: AlternateTermsType
description: One or more other names by which this attack pattern may be known.
range: AlternateTerm
multivalued: true
inlined_as_list: true
likelihood_of_attack:
name: likelihood_of_attack
annotations:
xsd_element:
tag: xsd_element
value: Likelihood_Of_Attack
xsd_type:
tag: xsd_type
value: LikelihoodEnumeration
description: An overall average likelihood value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
range: LikelihoodEnum
typical_severity:
name: typical_severity
annotations:
xsd_element:
tag: xsd_element
value: Typical_Severity
xsd_type:
tag: xsd_type
value: SeverityEnumeration
description: An overall average severity value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
range: SeverityEnum
related_attack_patterns:
name: related_attack_patterns
annotations:
xsd_element:
tag: xsd_element
value: Related_Attack_Patterns/Related_Attack_Pattern
xsd_type:
tag: xsd_type
value: RelatedAttackPatternType
description: References to other attack patterns that give insight to similar
items at higher and lower levels of abstraction.
range: RelatedAttackPattern
multivalued: true
inlined_as_list: true
execution_flow:
name: execution_flow
annotations:
xsd_element:
tag: xsd_element
value: Execution_Flow/Attack_Step
xsd_type:
tag: xsd_type
value: ExecutionFlowType
description: A detailed step-by-step flow of the attack pattern, listing the typical
steps performed by an adversary when leveraging the given technique. Usually
only applicable to Detailed abstraction level attack patterns.
range: AttackStep
multivalued: true
inlined_as_list: true
prerequisites:
name: prerequisites
annotations:
xsd_element:
tag: xsd_element
value: Prerequisites/Prerequisite
xsd_type:
tag: xsd_type
value: PrerequisitesType
description: The conditions that must exist in order for an attack leveraging
this pattern to succeed.
range: StructuredText
multivalued: true
skills_required:
name: skills_required
annotations:
xsd_element:
tag: xsd_element
value: Skills_Required/Skill
xsd_type:
tag: xsd_type
value: SkillsType
description: The level of skills or specific knowledge needed by an adversary
to execute this type of attack.
range: Skill
multivalued: true
inlined_as_list: true
resources_required:
name: resources_required
annotations:
xsd_element:
tag: xsd_element
value: Resources_Required/Resource
xsd_type:
tag: xsd_type
value: RequiredResourcesType
description: The resources (e.g., CPU cycles, IP addresses, tools) required by
an adversary to effectively execute this type of attack.
range: StructuredText
multivalued: true
indicators:
name: indicators
annotations:
xsd_element:
tag: xsd_element
value: Indicators/Indicator
xsd_type:
tag: xsd_type
value: IndicatorsType
description: Activities, events, conditions or behaviors that may indicate that
an attack leveraging this pattern is imminent, in progress, or has occurred.
range: StructuredText
multivalued: true
consequences:
name: consequences
annotations:
xsd_element:
tag: xsd_element
value: Consequences/Consequence
xsd_type:
tag: xsd_type
value: ConsequencesType
description: Individual consequences associated with this attack pattern, specifying
the security properties violated, technical impacts, and likelihoods.
range: Consequence
multivalued: true
inlined_as_list: true
mitigations:
name: mitigations
annotations:
xsd_element:
tag: xsd_element
value: Mitigations/Mitigation
xsd_type:
tag: xsd_type
value: MitigationsType
description: Actions or approaches to prevent or mitigate the risk of an attack
that leverages this attack pattern, aimed at improving system resiliency, reducing
attack surface, or reducing impact.
range: StructuredText
multivalued: true
example_instances:
name: example_instances
annotations:
xsd_element:
tag: xsd_element
value: Example_Instances/Example
xsd_type:
tag: xsd_type
value: ExampleInstancesType
description: One or more concrete example instances of this attack pattern to
help the reader understand its nature, context, and variability in practical
terms.
range: StructuredText
multivalued: true
related_weaknesses:
name: related_weaknesses
annotations:
xsd_element:
tag: xsd_element
value: Related_Weaknesses/Related_Weakness
xsd_type:
tag: xsd_type
value: RelatedWeaknessesType
description: References to CWE weaknesses associated with this attack pattern.
Any of the weaknesses (not necessarily all) may be present for the attack to
be successful.
range: integer
multivalued: true
inlined_as_list: true
attributes:
id:
name: id
annotations:
xsd_attribute:
tag: xsd_attribute
value: ID
xsd_type:
tag: xsd_type
value: xs:integer
description: Unique integer identifier for the entry. Considered static for the
lifetime of the entry. If an entry becomes deprecated, the identifier is not
reused and a placeholder is left in the catalog.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
identifier: true
alias: id
owner: AttackPattern
domain_of:
- AttackPattern
- Category
- View
range: integer
required: true
name:
name: name
annotations:
xsd_attribute:
tag: xsd_attribute
value: Name
description: Descriptive title used to give the reader an idea of what the entry
represents. All words in the name should be capitalized except for articles
and prepositions unless they begin or end the name.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: name
owner: AttackPattern
domain_of:
- AttackPatternCatalog
- AttackPattern
- Category
- View
- PreviousEntryName
range: string
required: true
status:
name: status
annotations:
xsd_attribute:
tag: xsd_attribute
value: Status
description: The development and usage status level for this entry. Please refer
to the StatusEnum enumeration for a list of valid values and their meanings.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: status
owner: AttackPattern
domain_of:
- AttackPattern
- Category
- View
range: StatusEnum
required: true
description:
name: description
annotations:
xsd_element:
tag: xsd_element
value: Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: 'A high level description of the attack pattern. The description
should be no
longer than a few sentences and should include how malicious input is initially
supplied, the weakness being exploited, and the resulting negative technical
impact. A full step-by-step description belongs in the Execution_Flow element.'
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: description
owner: AttackPattern
domain_of:
- AttackPattern
- AlternateTerm
- Skill
- AttackStep
- Technique
- Stakeholder
range: StructuredText
required: true
notes:
name: notes
description: Additional comments and notes about this entry that cannot be captured
using the other available elements.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: notes
owner: AttackPattern
domain_of:
- AttackPattern
- Category
- View
range: Note
multivalued: true
inlined: true
inlined_as_list: true
content_history:
name: content_history
description: Tracks the original author of this entry and any subsequent modifications
to the content, providing a means of contacting authors and modifiers.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: content_history
owner: AttackPattern
domain_of:
- AttackPattern
- Category
- View
range: ContentHistory
inlined: true
references:
name: references
description: Links to external references for further reading and insight into
this entry. Should be used when the entry is based on external sources or projects.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: references
owner: AttackPattern
domain_of:
- AttackPattern
- Category
- View
range: Reference
multivalued: true
inlined: true
inlined_as_list: true
taxonomy_mappings:
name: taxonomy_mappings
description: Mappings from this entry to equivalent or related entries in taxonomies
outside of CAPEC, such as ATT&CK, WASC, or OWASP Attacks.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: taxonomy_mappings
owner: AttackPattern
domain_of:
- AttackPattern
- Category
range: TaxonomyMapping
multivalued: true
inlined: true
inlined_as_list: true
abstraction:
name: abstraction
annotations:
xsd_attribute:
tag: xsd_attribute
value: Abstraction
description: The abstraction level for this attack pattern. Defines whether this
is a Meta, Standard, or Detailed level pattern.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: abstraction
owner: AttackPattern
domain_of:
- AttackPattern
range: AbstractionEnum
required: true
extended_description:
name: extended_description
annotations:
xsd_element:
tag: xsd_element
value: Extended_Description
xsd_type:
tag: xsd_type
value: StructuredTextType
description: Additional details important to this attack pattern beyond what is
conveyed in the main description, but not necessary to understand the fundamental
concept.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: extended_description
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
alternate_terms:
name: alternate_terms
annotations:
xsd_element:
tag: xsd_element
value: Alternate_Terms/Alternate_Term
xsd_type:
tag: xsd_type
value: AlternateTermsType
description: One or more other names by which this attack pattern may be known.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: alternate_terms
owner: AttackPattern
domain_of:
- AttackPattern
range: AlternateTerm
multivalued: true
inlined: true
inlined_as_list: true
likelihood_of_attack:
name: likelihood_of_attack
annotations:
xsd_element:
tag: xsd_element
value: Likelihood_Of_Attack
xsd_type:
tag: xsd_type
value: LikelihoodEnumeration
description: An overall average likelihood value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: likelihood_of_attack
owner: AttackPattern
domain_of:
- AttackPattern
range: LikelihoodEnum
typical_severity:
name: typical_severity
annotations:
xsd_element:
tag: xsd_element
value: Typical_Severity
xsd_type:
tag: xsd_type
value: SeverityEnumeration
description: An overall average severity value for attacks that leverage this
attack pattern, with the understanding that it will not be completely accurate
for all attacks.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: typical_severity
owner: AttackPattern
domain_of:
- AttackPattern
range: SeverityEnum
related_attack_patterns:
name: related_attack_patterns
annotations:
xsd_element:
tag: xsd_element
value: Related_Attack_Patterns/Related_Attack_Pattern
xsd_type:
tag: xsd_type
value: RelatedAttackPatternType
description: References to other attack patterns that give insight to similar
items at higher and lower levels of abstraction.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: related_attack_patterns
owner: AttackPattern
domain_of:
- AttackPattern
range: RelatedAttackPattern
multivalued: true
inlined: true
inlined_as_list: true
execution_flow:
name: execution_flow
annotations:
xsd_element:
tag: xsd_element
value: Execution_Flow/Attack_Step
xsd_type:
tag: xsd_type
value: ExecutionFlowType
description: A detailed step-by-step flow of the attack pattern, listing the typical
steps performed by an adversary when leveraging the given technique. Usually
only applicable to Detailed abstraction level attack patterns.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: execution_flow
owner: AttackPattern
domain_of:
- AttackPattern
range: AttackStep
multivalued: true
inlined: true
inlined_as_list: true
prerequisites:
name: prerequisites
annotations:
xsd_element:
tag: xsd_element
value: Prerequisites/Prerequisite
xsd_type:
tag: xsd_type
value: PrerequisitesType
description: The conditions that must exist in order for an attack leveraging
this pattern to succeed.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: prerequisites
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
multivalued: true
skills_required:
name: skills_required
annotations:
xsd_element:
tag: xsd_element
value: Skills_Required/Skill
xsd_type:
tag: xsd_type
value: SkillsType
description: The level of skills or specific knowledge needed by an adversary
to execute this type of attack.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: skills_required
owner: AttackPattern
domain_of:
- AttackPattern
range: Skill
multivalued: true
inlined: true
inlined_as_list: true
resources_required:
name: resources_required
annotations:
xsd_element:
tag: xsd_element
value: Resources_Required/Resource
xsd_type:
tag: xsd_type
value: RequiredResourcesType
description: The resources (e.g., CPU cycles, IP addresses, tools) required by
an adversary to effectively execute this type of attack.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: resources_required
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
multivalued: true
indicators:
name: indicators
annotations:
xsd_element:
tag: xsd_element
value: Indicators/Indicator
xsd_type:
tag: xsd_type
value: IndicatorsType
description: Activities, events, conditions or behaviors that may indicate that
an attack leveraging this pattern is imminent, in progress, or has occurred.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: indicators
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
multivalued: true
consequences:
name: consequences
annotations:
xsd_element:
tag: xsd_element
value: Consequences/Consequence
xsd_type:
tag: xsd_type
value: ConsequencesType
description: Individual consequences associated with this attack pattern, specifying
the security properties violated, technical impacts, and likelihoods.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: consequences
owner: AttackPattern
domain_of:
- AttackPattern
range: Consequence
multivalued: true
inlined: true
inlined_as_list: true
mitigations:
name: mitigations
annotations:
xsd_element:
tag: xsd_element
value: Mitigations/Mitigation
xsd_type:
tag: xsd_type
value: MitigationsType
description: Actions or approaches to prevent or mitigate the risk of an attack
that leverages this attack pattern, aimed at improving system resiliency, reducing
attack surface, or reducing impact.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: mitigations
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
multivalued: true
example_instances:
name: example_instances
annotations:
xsd_element:
tag: xsd_element
value: Example_Instances/Example
xsd_type:
tag: xsd_type
value: ExampleInstancesType
description: One or more concrete example instances of this attack pattern to
help the reader understand its nature, context, and variability in practical
terms.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: example_instances
owner: AttackPattern
domain_of:
- AttackPattern
range: StructuredText
multivalued: true
related_weaknesses:
name: related_weaknesses
annotations:
xsd_element:
tag: xsd_element
value: Related_Weaknesses/Related_Weakness
xsd_type:
tag: xsd_type
value: RelatedWeaknessesType
description: References to CWE weaknesses associated with this attack pattern.
Any of the weaknesses (not necessarily all) may be present for the attack to
be successful.
from_schema: https://w3id.org/lmodel/capec
rank: 1000
alias: related_weaknesses
owner: AttackPattern
domain_of:
- AttackPattern
range: integer
multivalued: true
inlined: true
inlined_as_list: true