Formal Modelling and Automatic Detection of Resource Exhaustion Attacks

Many common protocols: TCP, IPSec, etc., are vulnerable to denial of service attacks, where adversaries maliciously consume significant resources of honest principals, leading to resource exhaustion. The authors propose a set of cost-based rules that formalize DoS attacks by resource exhaustion and can automate their detection. Their classification separates excessive but legal protocol use (e.g., flooding) from illegal protocol manipulation that causes participants to waste computation time without reaching the protocol goals. They also distinguish simple intruder intervention leading to wasteful execution from DoS attacks proper, which can be repeatedly initiated.

Provided by: Association for Computing Machinery Topic: Security Date Added: Mar 2011 Format: PDF

Find By Topic