Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Denial-of-service (DoS) attacks attempt to make a computer resource unavailable or insufficiently available to its intended users. Such Distributed denial-of-service (DDoS) attacks are launched by two or more persons or bots. DoS and DDoS attacks are generally of greater concern for persistent, server-type systems than for desktop applications; nevertheless, denial of service issues can arise for all classes of application

There are several methods of causing a denial of service:

  • Vulnerability attacks involve sending a few well-crafted packets that take advantage of an existing vulnerability in the target machine.
  • Resource exhaustion attacks that consume computational resource such as bandwidth, memory, disk space, or processor time.
  • Algorithmic attacks (such as on hash functions) by injecting values that force worst-case conditions to exist.
  • Bandwidth consumption attacks that consume all available network bandwidth of the victim.

Denial of Service Through Resource Exhaustion

...

The Secure Coding Guidelines for the Java Programming Language [SCG 2009] lists some examples of possible attacks:

...

Rules regarding prevention of denial of service attacks resulting from resource exhaustion include:

Content by Label
showLabelsfalse
maxResults99
sorttitle
showSpacefalse
label+resource-exhaustion,-void
space@self

Concurrency-Related Denial of Service

...

Rules regarding prevention of denial of service attacks resulting from concurrency issues include:

Content by Label
showLabelsfalse
maxResults99
sorttitle
showSpacefalse
label+dos-cc,-void
space@self

Other Denial of Service attacks

Additional rules regarding prevention of denial of service attacks include:

Content by Label
showLabelsfalse
maxResults99
sorttitle
showSpacefalse
label+dos,-void
space@self

Precursors to Denial of Service

A number of additional rules address vulnerabilities that can enable denial of service attacks, but that are insufficient to cause denial of service on their own. These rules include:

Content by Label
showLabelsfalse
maxResults99
sorttitle
showSpacefalse
label+dos-enable,-void
space@self

Bibliography

[Seacord 2015]Image result for video iconImage Added Denial-of-service attacks  LiveLesson