Formal Modelling and Automatic Detection of Resource Exhaustion Attacks
Many common protocols, such as TCP and IPsec, are vulnerable to denial-of-service (DoS) attacks in which adversaries maliciously consume significant resources of honest principals, leading to resource exhaustion. The authors propose a set of cost-based rules that formalize DoS attacks by resource exhaustion and can automate their detection. Their classification separates excessive but legal protocol use (e.g., flooding) from illegal protocol manipulation that causes participants to waste computation time without reaching the protocol goals. They also distinguish simple intruder intervention leading to wasteful execution from DoS attacks proper, which can be repeatedly initiated.