Denial-of-service (DoS) attacks attempt to make a computer resource unavailable or insufficiently available to its intended users. Such . Distributed denial-of-service (DDoS) attacks are launched by two or more persons or bots. DoS and DDoS attacks are generally of greater concern for persistent, server-type systems than for desktop applications; nevertheless, denial-of-service issues can arise for all classes of application.
There are several methods of causing a denial of service:
- Vulnerability attacks involve sending a few well-crafted packets that take advantage of an existing vulnerability in the target machine.
- Resource exhaustion attacks consume computational resources such as bandwidth, memory, disk space, or processor time.
- Algorithmic attacks (such as those on hash functions) inject values that force worst-case conditions to exist.
- Bandwidth consumption attacks consume all available network bandwidth of the victim.
Denial of Service Through Resource Exhaustion
...
The Secure Coding Guidelines for the Java Programming Language [SCG 2009] lists some examples of possible attacks:
...
Rules regarding prevention of denial-of-service attacks resulting from resource exhaustion include:
...
Concurrency-Related Denial of Service
...
Rules regarding prevention of denial-of-service attacks resulting from concurrency issues include:
...
...
Other Denial of Service Attacks
Additional rules regarding prevention of denial-of-service attacks include:
...
...
Precursors to Denial of Service
A number of additional rules address vulnerabilities that can enable denial-of-service attacks but are insufficient to cause denial of service on their own. These rules include:
...
...
...
Bibliography