Jump to content

Mixed threat attack

From Wikipedia, the free encyclopedia

Regarding computer security, a mixed threat attack is an attack that uses several different tactics to infiltrate a computer user's environment. A mixed threat attack might include an infected file that comes in by way of spam or can be received by an Internet download. Mixed threat attacks try to exploit multiple vulnerabilities to get into a system. By launching multiple diverse attacks in parallel, the attacker can exploit more entry points than with just a single attack.

Because these threats are based on multiple single-attacks, they are much harder to detect. Firewalls can help with these types of attacks; if configured correctly, they are somewhat effective against this type of attack. However, if the attack is embedded inside an application, it is no longer able to prevent it. Typical techniques employed are to define the multiple access threat with a signature that can represent identification for the virus removal software. These types of techniques need to be employed on the host machine because sometimes the firewall or Intrusion Detection System is not able to detect the attack.[1]

Nimda and Code Red are examples of computer worms that utilized mixed threat attacks.[1]

See also

[edit]

References

[edit]
  1. ^ a b Trend Micro. "Enterprise Prevention and Management of Mixed-Threat Attacks" (PDF).