A Potency Relation for Worms and Next-Generation Attack Tools

We describe the attributes that span the space of attack tools, illustrate a class of nextgeneration attack tools and contrast it with contemporary worms, and outline a methodology that can be used to express the potency of the threat. In identifying what influences the potency of a threat we hope to identify underlying principles that govern the potency of a class of attack tools or a specific instance. This methodology is based on an analytical process that maps two spaces and illustrates the relationships between these spaces. The first space is described by the fundamental attributes that describe the space of attack tools. The second space describes various metrics of the potency of attack tools. The potency relation is a formulation of the relationship between attributes possessed by an attack tool and a description of how potent that attack tool is. This potency relation, therefore, can be used for both predictive as well as defensive purposes. By identifying what factors influence the potency of an attack tool, we have identified the very factors a defender must influence in order to minimize potency.