[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Classification thoughts
I know I am
late with the minutes again but the notes are in the office, =
I took a long weekend in NYC (it was the 150th anniversary of central = park) and the dog ate my homework..... I think all of us that were on the phone last week would agree that = whilst on the face of it, creating a classification scheme is an easy = task, in practice it is fraught with semantical and contextual issues. We all discussed the merits of hierarchical schemes but all seemed to = agree that the hierarchies can be meaningless to one person whilst = communicating a valuable message to another. In a sense (and remembering why OWASP arrived at the ASAC after the = call) I personally think we may wish to consider creating atoms of = attacks and a mechanism for allowing people to piece them together to = create useful meaningful pieces of information. Kinda like OOP.=20 By taking this approach any scheme is both extensible (users could = create their own object type) and flexible. You could define classes of = objects that have a natural hierarchy or share similar properties = (buffer over flow, format string etc) and also use polymorphism to = create unique attack objects such as Code Red that inherit from = different base classes. Is there any merit to this ? Any better ideas ? |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]