Summary

Recommendation ITU-T X.1544 is an XML/XSD-based specification for the identification, description, and enumeration of attack patterns. Attack patterns are a powerful mechanism to capture and communicate the attacker's perspective. They are descriptions of common methods for exploiting software. They derive from the concept of design patterns applied in a destructive rather than constructive context and are generated from in-depth analysis of specific real-world exploit examples. The objective of the common attack pattern enumeration and classification (CAPEC) is to provide a publicly available catalogue of attack patterns along with a comprehensive schema and classification taxonomy.