Assessment of a vulnerability in iterative servers enabling low-rate DoS attacks
-
Gabriel Maciá-Fernández; Jesús Esteban Díaz Verdejo; Pedro García-Teodoro
- Abstract:
- In this work, a vulnerability in iterative servers is described and exploited. The vulnerability is related to the possibility of acquiring some statistics about the time between two consecutive service responses generated by the server under the condition that the server always has requests to serve. By exploiting this knowledge, an intruder is able to carry out a DoS attack characterized by a relatively low-rate traffic destined to the server. Besides the presentation of the vulnerability, an implementation of the attack has been simulated and tested in a real environment. The results obtained show an important impact in the performance of the service provided by the server to legitimate users (DoS attack) while a low effort, in terms of volume of generated traffic, is necessary for the attacker. Besides, this attack compares favourably with a naive (brute-force) attack with the same traffic rate. Therefore, the proposed attack would easily pass through most current IDSs, designed to detect high volumes of traffic.
- Year:
- 2006
- Type of Publication:
- Article
- Journal:
- Lect. Notes in Computer Science
- Volume:
- 4189
- Number:
- 512-526
- ISSN:
- 0302-9743