OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

was message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Classification thoughts

I know I am late with the minutes again but the notes are in the office, =
I took a long weekend in NYC (it was the 150th anniversary of central =
park) and the dog ate my homework.....

I think all of us that were on the phone last week would agree that =
whilst on the face of it, creating a classification scheme is an easy =
task, in practice it is fraught with semantical and contextual issues.

We all discussed the merits of hierarchical schemes but all seemed to =
agree that the hierarchies can be meaningless to one person whilst =
communicating a valuable message to another.

In a sense (and remembering why OWASP arrived at the ASAC after the =
call) I personally think we may wish to consider creating atoms of =
attacks and a mechanism for allowing people to piece them together to =
create useful meaningful pieces of information. Kinda like OOP.=20

By taking this approach any scheme is both extensible (users could =
create their own object type) and flexible. You could define classes of =
objects that have a natural hierarchy or share similar properties =
(buffer over flow, format string etc) and also use polymorphism to =
create unique attack objects such as Code Red that inherit from =
different base classes.

Is there any merit to this ?

Any better ideas ?

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]