Many attacks combine several techniques synergistically in
order to affect their goal. Examples include exploiting an emergency
response to a flood to gain entry into a terminal room where password
guessing gains entry into a system and subsequent data diddling alters
billing records, the use of a virus to create protection missetting which
are subsequently exploited by planting a Trojan horse to allow reentry and
the creation of fictitious people in key offices who are automatically
granted access to appropriate systems (process bypassing) to allow the
attacker access to other systems, and the creation of an attractive Web site
designed to exploit users who visit it by sending their browsers
content-based attacks that set up covert channels through firewalls and
extend access through peer network relationships to other systems within the
victim's network.
Complexity: Combinations and sequences of attacks are at
least as complex as their individual components, and may be more complex to
create in coordination. Detection may be less complex because detection of
any subset or subsequence may be adequate to detect the combined attack.
This has not been studied in any mathematical depth to date.
fc@red.a.net