Denial-of-service (DoS) attacks attempt to make a computer resource unavailable or insufficiently available to its intended users. Distributed denial-of-service (DDoS) attacks are launched by two or more persons or bots. DoS and DDoS attacks are generally of greater concern for persistent, server-type systems than for desktop applications; nevertheless, denial-of-service issues can arise for all classes of application.

There are several methods of causing a denial of service:

  • Vulnerability attacks involve sending a few well-crafted packets that take advantage of an existing vulnerability in the target machine.
  • Resource exhaustion attacks consume computational resources such as bandwidth, memory, disk space, or processor time.
  • Algorithmic attacks (such as those on hash functions) inject values that force worst-case conditions to exist.
  • Bandwidth consumption attacks consume all available network bandwidth of the victim.

Denial of Service Through Resource Exhaustion

...

The Secure Coding Guidelines for the Java Programming Language [SCG 2009] lists some examples of possible attacks:

...

Rules regarding prevention of denial of service attacks resulting from resource exhaustion include:

[Content by Label: resource-exhaustion]

Concurrency-Related Denial of Service

...

Rules regarding prevention of denial of service attacks resulting from concurrency issues include:

[Content by Label: dos-cc]

Other Denial of Service Attacks

Additional rules regarding prevention of denial of service attacks include:

[Content by Label: dos]

Precursors to Denial of Service

A number of additional rules address vulnerabilities that can enable denial of service attacks, but that are insufficient to cause denial of service on their own. These rules include:

[Content by Label: dos-enable]