Attack Effort


Attack Effort (or Access Complexity) is to account for the combination of time, knowledge, resources, and potential consequences to an Attacker when conducting a specific attack.

Appears the Common Vulnerabilities and Exposures (CVE) refers to this as "Exploitability Metrics"

Often there are CPU efforts required within the Attack Effort that may exceed the Computational Hardness Assumption

Attack Effort is generally higher for Advanced Persistent Threats and Targeted Attacks than Opportunistic Attack

More Information#

There might be more information for this subject on one of the following: