Abstract
Denial of Service (DoS) attack has been identified in security surveys as the second largest cause of monetary loss. Hence, DoS is a very important problem that needs to be dealt with seriously. Many DoS attacks are conducted by generating extremely high rate traffic; these are classified as flooding attacks. Other DoS attacks, which are caused by resource consumption, belong to the so-called logic attacks category, one such example is algorithmic complexity attack. Complexity attacks generate traffic containing data, which exploits the working principle of the algorithms running on a machine. In such an attack, a request imposes worst-case execution time on a resource and repeatedly re-uses the same resource for further services. In this paper, we propose a regression analysis based model that can prevent algorithmic complexity attacks. We demonstrate our model on quick-sort algorithm.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Crosby, S.A., Wallach, D.S.: Denial of Service via Algorithmic Complexity Attacks. In: 12th USENIX Security Symposium (August 2003)
Mcilroy, M.D.: A Killer Adversary for Quicksort. Software –Practice and Experience 29, 1–4 (1999)
Gligor, V.D.: A note on the denial-of-service problem. In: IEEE Symposium on Security and Privacy, pp. 139–149 (1983)
Gal, A., Probst, C.W., Franz, M.: Complexity-Based Denial-of-Service Attacks on Mobile Code Systems. ICS technical report 04-09, department of Computer Science, University of California, Irvine
Czajkowski, G., Eicken, T.V.: JRes: A Resource Accounting Interface for Java. In: Proceedings of the 1998 ACM OOPSLA Conference, Vancouver, BC (October 1998)
Spatscheck, O., Peterson, L.: Defending against denial-of-service attacks in Scout. In: Proceedings of the 1999 USENIX/ACM Symposium on Operating System Design and Implementation (February 1999)
Fisk, M., Varghese, G.: Fast Content-Based Packet Handling for Intrusion Detection. Technical Report, UCSD Computer Science and Engineering, CS2001-0670 (May 7, 2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khan, S., Traore, I. (2005). A Prevention Model for Algorithmic Complexity Attacks. In: Julisch, K., Kruegel, C. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2005. Lecture Notes in Computer Science, vol 3548. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506881_10
Download citation
DOI: https://doi.org/10.1007/11506881_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26613-6
Online ISBN: 978-3-540-31645-9
eBook Packages: Computer ScienceComputer Science (R0)