ITU

Committed to connecting the world

ITU-T work programme

[2013-2016] : [SG17] : [Q4/17]

[Declared patent(s)]  - [Associated work]  - [Publication]

Work item: X.1544 (ex X.capec)
Status: Approved on 2013-04-26 [Issued from previous study period]
Approval process: TAP
Type of work item: Recommendation
Version: New
Provisional name: X.capec
Equivalent number: -
Timing: -
Liaison: -
Subject/title: Common attack pattern enumeration and classification
Summary: This Recommendation is an XML/XSD based specification for the identification, description, and enumeration of attack patterns. Attack patterns are a powerful mechanism to capture and communicate the attacker's perspective. They are descriptions of common methods for exploiting software. They derive from the concept of design patterns applied in a destructive rather than constructive context and are generated from in-depth analysis of specific real-world exploit examples. The objective of CAPEC is to provide a publicly available catalogue of attack patterns along with a comprehensive schema and classification taxonomy. CAPEC enables: o Standardizing the capture and description of attack patterns o Collecting known attack patterns into an integrated enumeration that can be consistently and effectively leveraged by the community o Classifying attack patterns such that users can easily identify the subset of the entire enumeration that is appropriate for their context o Linking the attack patterns and the weaknesses (CWEs) that they are effective against through explicit references. As many sources and examples as possible are leveraged from the CAPEC community and other interested parties, to develop the specific and succinct definitions of the CAPEC Dictionary elements and a variety of views and classification tree structures.
Comment: -
Base text(s):
[TD 0271 ]
Contact(s):
ITU-T A.5 reference(s):
Generate A.5 drat TD
-
[Submit new A.5 reference ] 
First registration in the WP: 2009-10-22 14:50:50
Last update: 2013-05-01 09:46:57