“Detection and Prediction of Resource-Exhaustion Vulnerabilities”
From Navigators
(Difference between revisions)
(NavsPubsFull5.xml import (201201141459, full reimport with new ids for legacy pubs avoiding collisions)) |
|||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
- | | | + | |type=inproceedings |
- | + | |title=Detection and Prediction of Resource-Exhaustion Vulnerabilities | |
- | + | |author=João Antunes, Nuno Ferreira Neves, Paulo Veríssimo | |
- | + | |Project=Project:AJECT | |
- | + | |month=nov | |
- | + | |year=2008 | |
- | + | |abstract=Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Due to errors in the design or coding phases, particular client-server interactions can be made to consume much more resources than necessary easing the success of this kind of attack. | |
- | |author= | + | |
- | + | ||
- | | | + | |
- | + | ||
- | | | + | |
- | + | ||
To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude. | To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude. | ||
The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server. | The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server. | ||
The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers. | The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers. | ||
- | | | + | |address=Seattle/Redmond, WA, USA |
- | + | |booktitle=Proceedings of the 19th IEEE International Symposium on Software Reliability Engineering | |
- | |booktitle= | + | |url=http://www.navigators.di.fc.ul.pt/archive/papers/antunes08.pdf |
- | + | ||
- | | | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
}} | }} |
Latest revision as of 17:10, 14 January 2013
João Antunes, Nuno Ferreira Neves, Paulo Veríssimo
in Proceedings of the 19th IEEE International Symposium on Software Reliability Engineering, Seattle/Redmond, WA, USA, Nov. 2008.
Abstract: Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Due to errors in the design or coding phases, particular client-server interactions can be made to consume much more resources than necessary easing the success of this kind of attack. To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude. The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server. The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers.
Download paper
Download Detection and Prediction of Resource-Exhaustion Vulnerabilities
Export citation
Project(s): Project:AJECT
Missing ResearchLine