CAPEC

Common Attack Pattern Enumeration and Classification

A Community Knowledge Resource for Building Secure Software

Resources

  • Attack Patterns content area of the DHS-sponsored Build Security In website located at https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack.html
  • Moore, A. P.; Ellison, R. J.; & Linger, R. C. Attack Modeling for Information Security and Survivability (CMU/SEI-2001-TN-001, ADA388771). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2001.
  • Hoglund, Greg & McGraw, Gary. Exploiting Software: How to Break Code. Boston, MA: Addison-Wesley, 2004 (ISBN 0-2017-8695-8).
  • Gegick, Michael & Williams, Laurie. "Matching Attack Patterns to Security Vulnerabilities in Software-Intensive System Designs." ACM SIGSOFT Software Engineering Notes, Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications SESS '05, Volume 30, Issue 4. New York, NY: ACM Press, 2005.
  • McGraw, Gary. Software Security: Building Security In. Boston, MA: Addison-Wesley, 2006. http://www.buildingsecurityin.com
  • Recently discovered parallel efforts by Rocky Heckman. Rocky's perspectives on attack patterns can be found at http://www.rockyh.net and http://www.attackpattern.org
 
Page Last Updated: May 30, 2007