Overview#
Attack Effort (or Access Complexity) is to account for the combination of time, knowledge, resources, and potential consequences to an Attacker when conducting a specific attack.Appears the Common Vulnerabilities and Exposures (CVE) refers to this as "Exploitability Metrics"
Often there are CPU efforts required within the Attack Effort that may exceed the Computational Hardness Assumption
Attack Effort is generally higher for Advanced Persistent Threats and Targeted Attacks than Opportunistic Attack
The Open Group Risk Taxonomy (O-RT)#
Attack Effort is defined in Risk Taxonomy (O-RT) as Threat Capability (TCap) as the probable level of force that a threat agent is capable of applying against an asset.More Information#
There might be more information for this subject on one of the following:- Block Cipher Mode
- Computational Hardness Assumption
- Cryptanalysis
- CryptoAPI
- Exploitability Metrics
- Golden Ticket
- Multiple-channel Authentication
- Real Risk
- Risk Assessment
- Rowhammer
- Side-channel attacks
- Strength of Function for Authenticators - Biometrics
- Targeted Attack
- Threat Model
- [#1] - Common Vulnerability Scoring System#Base_metrics
- based on information obtained 2017-08-17-