Abstract
|
Systems connected to the Internet are high … Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Due to errors in the design or coding phases, particular client-server interactions can be made to consume much more resources than necessary easing the success of this kind of attack.
To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude.
The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server.
The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers. hetic programs and well-known DNS servers.
|
Address
|
Seattle/Redmond, WA, USA +
|
Author
|
João Antunes +
, Nuno Ferreira Neves +
, Paulo Verissimo +
|
Booktitle
|
Proceedings of the 19th IEEE International Symposium on Software Reliability Engineering +
|
Key
|
Joao-antunes2008detection-and-219 +
|
Missing
|
ResearchLine +
|
Month
|
nov +
|
NumPubDate
|
2,008.11 +
|
Project
|
Project:AJECT +
|
Title
|
Detection and Prediction of Resource-Exhaustion Vulnerabilities +
|
Type
|
inproceedings +
|
Url
|
http://www.navigators.di.fc.ul.pt/archive/papers/antunes08.pdf +
|
Year
|
2008 +
|
Categories |
Publication +
|
Modification dateThis property is a special property in this wiki.
|
14 January 2013 17:10:12 +
|