A Prevention Model for Algorithmic Complexity Attacks

  • Conference paper
Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA 2005)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3548)

Abstract

Denial of Service (DoS) attacks have been identified in security surveys as the second largest cause of monetary loss. Hence, DoS is a very important problem that needs to be dealt with seriously. Many DoS attacks are conducted by generating extremely high-rate traffic; these are classified as flooding attacks. Other DoS attacks, which are caused by resource consumption, belong to the so-called logic attacks category; one such example is the algorithmic complexity attack. Complexity attacks generate traffic containing data that exploits the working principle of the algorithms running on a machine. In such an attack, a request imposes worst-case execution time on a resource and repeatedly re-uses the same resource for further services. In this paper, we propose a regression-analysis-based model that can prevent algorithmic complexity attacks. We demonstrate our model on the quick-sort algorithm.



Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Khan, S., Traore, I. (2005). A Prevention Model for Algorithmic Complexity Attacks. In: Julisch, K., Kruegel, C. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2005. Lecture Notes in Computer Science, vol 3548. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506881_10

  • DOI: https://doi.org/10.1007/11506881_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26613-6

  • Online ISBN: 978-3-540-31645-9

  • eBook Packages: Computer Science; Computer Science (R0)
