CAPEC-655: Avoid Security Tool Identification by Adding Data
An adversary adds data to a file to increase the file size beyond what security tools are capable of handling, in an attempt to mask their actions. Adding data to a file also changes the file's hash, frustrating security tools that look for known bad files by their hash.
Overview
CAPEC-655 (Avoid Security Tool Identification by Adding Data) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
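A defensive check for the pattern described above, as an added example that is not part of the CAPEC entry: the file is streamed with no size cap, and the hash of its first N bytes is compared against known-bad entries that record the original length N. It assumes the data was appended to the end of the file and that the indicator feed carries a length with each SHA-256; `find_known_prefix`, `classify` and the sample data are hypothetical names and constructed values.

```python
import hashlib
import io

def find_known_prefix(stream, known_bad, chunk=1 << 20):
    """Stream the file once; report a known-bad file found at its start.

    known_bad maps original length -> set of SHA-256 hex digests (assumed
    feed format). Returns ((length, digest) or None, total_size).
    """
    h, pos, hit = hashlib.sha256(), 0, None
    for length in sorted(known_bad):
        while pos < length:
            block = stream.read(min(chunk, length - pos))
            if not block:              # EOF: too short for remaining entries
                return hit, pos
            h.update(block)
            pos += len(block)
        digest = h.hexdigest()         # hash of the first `length` bytes
        if digest in known_bad[length]:
            hit = (length, digest)
            break
    while block := stream.read(chunk):  # no size cap: just count the rest
        pos += len(block)
    return hit, pos

def classify(stream, known_bad, chunk=1 << 20):
    """Return (verdict, appended_bytes)."""
    hit, size = find_known_prefix(stream, known_bad, chunk)
    if hit is None:
        return ("no-match", 0)
    extra = size - hit[0]
    return ("padded", extra) if extra else ("exact", 0)

# Constructed sample data, not real indicators.
ORIGINAL = b"constructed sample payload" + b"\x00" * 16
KNOWN_BAD = {len(ORIGINAL): {hashlib.sha256(ORIGINAL).hexdigest()}}
PADDED = ORIGINAL + b"\x00" * 100_000

if __name__ == "__main__":
    samples = [("original", ORIGINAL), ("padded", PADDED), ("other", b"benign" * 10)]
    for name, data in samples:
        print(name, classify(io.BytesIO(data), KNOWN_BAD, chunk=4096))
```

Because the match is on a prefix of recorded length, it still holds when the original file itself ends in the same byte value used for padding, a case that stripping trailing bytes would get wrong.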