Uses
Forward direction as an ID system
In reverse to identify vulnerabilities
In reverse w/ sensors replaced with appropriate attack scripts as an attack system
- Plans how to reach goal
- Can find new combinations of attacks to reach goal e.g.
- Using DNS requests as a method for a worm to pull in its body.
- Port DOS to Spoof IIS Authentication, then buffer overflow list command as a means of remote execution.