Part of the Attack.tex database ()

Focused On Your Success

The All.Net Security Database

Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism: Threat Profiles Attack Methods Defense Methods Process: Prevention Detection Reaction Impact: Integrity Availability Confidential Use Control	Other: Risk Management Database Description Domain: Physical Informational Systemic Sophistication: Theoretical Demonstrated Widespread	Perspectives: Management Policy Standards Procedures Documentation Audit Testing Technical Safeguards Personnel Incident Handling Legal Physical Awareness Training Education Organization
Brekne's Mechanistic: Input Output Storage Processing Transmission	Brekne's Causal: Accidental Malicious	Brekne's Method: Leakage Masquerade Denial Corruption Usage Mental

Attack93:

Name:salami attacks

Many small transactions are used together for a larger aggregated effect. Examples include taking round-off error amounts from financial interest computations and adding them to the thief's account balance (resulting in no net loss to the system), the slow leakage of information through covert channels at rates below normal detection thresholds, and economic intelligence gathering efforts involving the aggregation of small amounts of information from many sources to derive an overall picture of an organization. Complexity: Attacks of this sort are relatively easy to create. Mathematical analysis of the general class of salami attacks has not been done but it seems likely to be similar in complexity to analysis of data aggregation effects.

fc@red.a.net

Related Database Material

[TBVProcessing - Relates to Processing]
[TBVMalicious - Relates to Malicious]
[TBVLeakage - Relates to Leakage]
[TBVDenial - Relates to Denial]
[PDRIntegrity - Relates to Integrity]
[PDRDemonstrated - Relates to Demonstrated]
[PLSSystemic - Relates to Systemic]
[Threat1 - insiders]
[Threat4 - consultants]
[Threat5 - vendors]
[Threat6 - customers]
[Threat7 - Fraudsters]
[Threat14 - tiger teams]
[Threat23 - drug cartels]
[Threat25 - industrial espionage experts]
[Threat28 - government agencies]
[Threat30 - economic rivals]
[Threat31 - nation states]
[Threat32 - global coalitions]
[Threat33 - military organizations]
[Threat35 - information warriors]
[Defense54 - accountability]
[Defense32 - anomaly detection]
[Defense30 - audit analysis]
[Defense29 - auditing]
[Defense33 - capture and punishment]
[Defense72 - detailed audit]
[Defense38 - financial situation checking]
[Defense14 - human intervention after detection]
[Defense119 - individual accountability for all assets and actions]
[Defense127 - integration principle (GASSP)]
[Defense130 - internal control principle (GASSP)]
[Defense79 - inventory control]
[Defense59 - lockouts]
[Defense31 - misuse detection]
[Defense66 - noise injection]
[Defense69 - path diversity]
[Defense128 - timeliness principle (GASSP)]
[Defense95 - traps]