CAPEC-125: Flooding

Flooding

状态:Stable

Typical_Severify: Medium

攻击可能性:High

描述

An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.

相关攻击模式

ParentOf: CAPEC-482 | TCP Flood

ParentOf: CAPEC-486 | UDP Flood

ParentOf: CAPEC-487 | ICMP Flood

ParentOf: CAPEC-488 | HTTP Flood

ParentOf: CAPEC-489 | SSL Flood

ParentOf: CAPEC-490 | Amplification

ParentOf: CAPEC-528 | XML Flood

前置条件

Any target that services requests is vulnerable to this attack on some level of scale.

所需资源

A script or program capable of generating more requests than the target can handle, or a network or cluster of objects all capable of making simultaneous requests.

后果

Scope Impact Likelihood
A v a i l a b i l i t y ['Unreliable Execution', 'Resource Consumption']

缓解措施

Ensure that protocols have specific limits of scale configured.

Specify expectations for capabilities and dictate which behaviors are acceptable when resource allocation reaches limits.

Uniformly throttle all requests in order to make it more difficult to consume resources more quickly than they can again be freed.

实例

相关CWE

404 | 不恰当的资源关闭或释放

770 | 不加限制或调节的资源分配

内容历史记录

提交

2014-06-23 | CAPEC Content Team | The MITRE Corporation

修改

2017-05-01 | CAPEC Content Team | The MITRE Corporation

Updated Activation_Zone, Attack_Motivation-Consequences, Description Summary, Injection_Vector, Payload, Payload_Activation_Impact, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit