New to CAPEC? Start Here
Home > About CAPEC > Resources  



The publications and websites listed below also provide information about attack patterns.

  • Attack Patterns content area of the DHS-sponsored Build Security In website located at
  • Moore, A. P.; Ellison, R. J.; & Linger, R. C. Attack Modeling for Information Security and Survivability (CMU/SEI-2001-TN-001, ADA388771). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2001.
  • Hoglund, Greg & McGraw, Gary. Exploiting Software: How to Break Code. Boston, MA: AddisonWesley, 2004 (ISBN 0-2017-8695-8).
  • Gegick, Michael & Williams, Laurie. "Matching Attack Patterns to Security Vulnerabilities in SoftwareIntensive System Designs." ACM SIGSOFT Software Engineering Notes, Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications SESS '05, Volume 30, Issue 4. New York, NY: ACM Press, 2005.
  • McGraw, Gary. Software Security: Building Security In. Boston, MA: Addison-Wesley, 2006.
More information is available — Please select a different filter.
Page Last Updated or Reviewed: April 04, 2019