This attack may accomplish all sorts of things, thus we do not (on this level) define any existential quantifiers. |
•owl:Thing |
•Attack |
•Threat |
•Threat |
•Attack |
•ActiveAttack |
•BypassingIntendedControls |
•TinyFragmentAttack |
BypassingIntendedControls |
threatens SOME _Network |
threatens ONLY ((_Confidentiality OR _Integrity OR _Availability) AND _Network) |
dc:description | The attacker uses the IP fragmentation option to create extremely small fragments and force the TCP header information into a separate packet fragment. This attack is designed to circumvent filtering rules that depend on TCP header information. (Stallings 06) |
Class(TinyFragmentAttack partial BypassingIntendedControls restriction(threatens someValuesFrom(_Network)) restriction(threatens allValuesFrom(intersectionOf(unionOf(_Confidentiality _Integrity _Availability) _Network))))