Common Attack Pattern Enumeration and Classification
A Community Resource for Identifying and Understanding Attacks
The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
"Attack Patterns" are descriptions of the common attributes and approaches employed by adversaries to exploit known weaknesses in cyber-enabled capabilities. Attack patterns define the challenges that an adversary may face and how they go about solving it. They derive from the concept of design patterns applied in a destructive rather than constructive context and are generated from in-depth analysis of specific real-world exploit examples.
Each attack pattern captures knowledge about how specific parts of an attack are designed and executed, and gives guidance on ways to mitigate the attack's effectiveness. Attack patterns help those developing applications, or administrating cyber-enabled capabilities to better understand the specific elements of an attack and how to stop them from succeeding.
CAPEC was established by the U.S. Department of Homeland Security as part of the Software Assurance (SwA) strategic initiative of the Office of Cybersecurity and Communications (CS&C). Initially released in 2007, the CAPEC List continues to evolve with public participation and contributions to form a standard mechanism for identifying, collecting, refining, and sharing attack patterns among the cybersecurity community.
Attack patterns captured in such a formalized way can bring considerable value to the development and maintenance of cyber-enabled capabilities, including:
Of course, attack patterns are not the only useful tool for building secure cyber-enabled capabilities. Many other tools, such as misuse/abuse cases, security requirements, threat models, knowledge of common weaknesses and vulnerabilities, and attack trees, can help. Attack patterns play a unique role amid this larger architecture of security knowledge and techniques.
More information is available — Please select a different filter.