| This attack may accomplish all sorts of things, thus we do not (on this level) define any existential quantifiers. |
| •owl:Thing |
| •Attack |
| •Threat |
| •Threat |
| •Attack |
| •ActiveAttack |
| •BypassingIntendedControls |
| •TinyFragmentAttack |
| BypassingIntendedControls |
| threatens SOME _Network |
| threatens ONLY ((_Confidentiality OR _Integrity OR _Availability) AND _Network) |
| dc:description | The attacker uses the IP fragmentation option to create extremely small fragments and force the TCP header information into a separate packet fragment. This attack is designed to circumvent filtering rules that depend on TCP header information. (Stallings 06) |
Class(TinyFragmentAttack partial BypassingIntendedControls
restriction(threatens someValuesFrom(_Network))
restriction(threatens allValuesFrom(intersectionOf(unionOf(_Confidentiality
_Integrity
_Availability)
_Network))))