A prevention model for algorithmic complexity attacks

Abstract

Denial of Service (DoS) attack has been identified in security surveys as the second largest cause of monetary loss. Hence, DoS is a very important problem that needs to be dealt with seriously. Many DoS attacks are conducted by generating extremely high rate traffic; these are classified as flooding attacks. Other DoS attacks, which are caused by resource consumption, belong to the so-called logic attacks category, one such example is algorithmic complexity attack. Complexity attacks generate traffic containing data, which exploits the working principle of the algorithms running on a machine. In such an attack, a request imposes worst-case execution time on a resource and repeatedly reuses the same resource for further services. In this paper, we propose a regression analysis based model that can prevent algorithmic complexity attacks. We demonstrate our model on quick-sort algorithm. © Springer-Verlag Berlin Heidelberg 2005.