Back to Security Pattern Catalog


Classification Key : Security Pattern Space


An attacker who knows how the system works internally has an advantage over someone who has to go through reconnaissance activities. Normally COTS (Commercial off the Shelf) components are used to implement some security mechanism. But the COTS components are available for the attackers to analyze and therefore using them would expose the internal workings of the system to the attackers. How can the internal workings of COTS components be hidden from the attacker ?


Customize variations in the system to make them different from regular security implementation. Limit the modifications as they do not defeat the purpose itself.

Known Uses

Tripwire for Web pages. The Deception Toolkit.


Kienzle et. al. Repository


Variation, Attack Prevention


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz