Latest revision as of 18:11, 21 July 2013
Denial of Service (Application Based)
Root Cause Summary
An application-based denial of service occurs when an attacker consumes (exhausts or depletes) the resources a system depends on, such as bandwidth, database connections, disk storage, CPU, memory, threads, or application-specific resources, so that legitimate users can no longer use the system. To prevent resource depletion, the application must restrict the size or amount of resources that any request can demand or consume.
Browser / Standards Solution
None
Perimeter Solution
Perimeter anti-automation for application-based DoS is identical to Generic Brute Force.
Generic Framework Solution
None
Custom Framework Solution
None
Custom Code Solution
Profile resource-dependent transactions, place them on transaction queues, and raise an alert when queue depth reaches a threshold. Enforce rate limits per transaction rather than only per request, so that expensive operations are budgeted according to their cost.
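The following added example (not code from the OWASP page) shows the two custom-code controls described above: a bounded transaction queue that sheds load when full and fires an alert once the backlog crosses a threshold, and a per-client token-bucket limiter in which a transaction's cost reflects how resource-intensive it is. The class names, the `on_alert` callback and the injectable `clock` are assumptions made for illustration.

```python
import time
from collections import deque


class TransactionQueue:
    """Bounded queue for expensive (resource-dependent) transactions.

    Work beyond `capacity` is rejected instead of tying up threads, database
    connections or memory; crossing `alert_threshold` fires `on_alert` once so
    operators learn about the pressure before the queue is completely full."""

    def __init__(self, capacity, alert_threshold, on_alert):
        self.capacity, self.alert_threshold, self.on_alert = capacity, alert_threshold, on_alert
        self._pending = deque()
        self._alerted = False

    def submit(self, txn):
        if len(self._pending) >= self.capacity:
            return False                      # shed load: queue full, protect the backend
        self._pending.append(txn)
        if len(self._pending) >= self.alert_threshold and not self._alerted:
            self._alerted = True
            self.on_alert(len(self._pending))  # hypothetical hook into monitoring/paging
        return True

    def take(self):
        txn = self._pending.popleft()
        if len(self._pending) < self.alert_threshold:
            self._alerted = False             # re-arm the alert once the backlog drains
        return txn

    def depth(self):
        return len(self._pending)


class TransactionRateLimiter:
    """Token bucket per client id: `rate` units/second with a burst of `burst`.
    Callers charge each transaction a `cost` proportional to the resources it uses."""

    def __init__(self, rate, burst, clock=time.monotonic):
        self.rate, self.burst, self.clock = rate, burst, clock
        self._buckets = {}                    # client_id -> (tokens, last_refill_time)

    def allow(self, client_id, cost=1.0):
        now = self.clock()
        tokens, last = self._buckets.get(client_id, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)   # refill since last call
        if tokens < cost:
            self._buckets[client_id] = (tokens, now)
            return False                      # client is over its transaction budget
        self._buckets[client_id] = (tokens - cost, now)
        return True
```

A request handler would call `allow()` before `submit()`, so that a single client cannot fill the queue and trip the alert on its own.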
Discussion / Controversy
Denial of service vulnerabilities are also known as “resource exhaustion” and “resource depletion” vulnerabilities, and there are other types of denial of service beyond the application level, including network-based and connection-based attacks.
References
OWASP - Application Denial of Service: https://www.owasp.org/index.php/Application_Denial_of_Service
CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion'): http://cwe.mitre.org/data/definitions/400.html
CAPEC-119: Resource Depletion: http://capec.mitre.org/data/definitions/119.html