DocumentCode :
1727582
Title :
Detection and Prediction of Resource-Exhaustion Vulnerabilities
Author :
Antunes, João ; Neves, Nuno Ferreira ; Verissimo, P.J.
Author_Institution :
Fac. of Sci., Univ. of Lisboa, Lisbon
fYear :
2008
Firstpage :
87
Lastpage :
96
Abstract :
Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Due to errors in the design or coding phases, particular client-server interactions can be made to consume much more resources than necessary easing the success of this kind of attack.To address this issue we propose a new methodology for the detection and identification of local resource-exhaustion vulnerabilities. The methodology also gives a prediction on the necessary effort to exploit a specific vulnerability, useful to support decisions regarding the configuration of a system, in order to sustain a certain attack magnitude.The methodology was implemented in a tool called PREDATOR that is able to automatically generate malicious traffic and to perform post-processing analysis to build accurate resource usage projections on a given target server.The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers.
Keywords :
Internet; client-server systems; security of data; telecommunication traffic; DNS servers; Internet; PREDATOR; attack magnitude; client-server interactions; denial-of-service attacks; local resource-exhaustion vulnerability; malicious traffic; post-processing analysis; resource usage projections; service availability; target server; Availability; Bandwidth; Computer crime; Delay effects; Network servers; Performance analysis; Reliability engineering; Software design; Software reliability; Web and internet services; attack injection; denial-of-service; resource-exhaustion vulnerabilities; vulnerability detection;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Reliability Engineering, 2008. ISSRE 2008. 19th International Symposium on
Conference_Location :
Seattle, WA
ISSN :
1071-9458
Print_ISBN :
978-0-7695-3405-3
Electronic_ISBN :
1071-9458
Type :
conf
DOI :
10.1109/ISSRE.2008.47
Filename :
4700313
Link To Document :
بازگشت