OWASP Automated Threats - OAT-015 Denial of Service

Introduction:

In this OWASP Automated Threat Article we'll be highlighting OAT-015 Denial of Service  with some basic threat information as well as a recorded demo to dive into the concepts deeper. In our demo we'll explain how adversaries use DoS to impact applications and how a layered approach is what is required to protect your applications. We'll wrap it up by highlighting F5 Distributed Cloud Services to show how we solve this problem for our customers.

DoS Description:

Usage may resemble legitimate application usage, but leads to exhaustion of resources such as file system, memory, processes, threads, CPU, and human or financial resources. The resources might be related to web, application or databases servers or other services supporting the application, such as third party APIs, included third-party hosted content, or content delivery networks (CDNs). The application may be affected as a whole, or the attack may be against individual users such as account lockout.

OWASP Automated Threat (OAT) Identity Number

OAT-015

Threat Event Name

Denial of Service

Summary Defining Characteristics

Target resources of the application and database servers, or individual user accounts, to achieve denial of service (DoS).

OAT-015 Attack Demographics:

 

Sectors Targeted Parties Affected Data Commonly Misused Other Names and Examples Possible Symptoms
Entertainment Few Individual Users   Account Lockout

Spikes in CPU, memory, network utilization

Financial Application Owner   App layer DDoS

Unavailability of application

Retail Many Users   Forced Deadlock

Rise in user account lockouts

Government        
Technology       Resource Depletion
Social Networking        

 

Dos Presentation:

In this presentation we will be discussing how attackers leverage automation to execute sDos against applications.  These attacks may be intentional or unintentional, however the consequences are the same. We'll then show you how to quickly protect your application with F5 Distributed Cloud Bot Defense.

 

In Conclusion:

DoS continues to be used to target adveraries and competitors.  This can be scraping that is triggered too many times or something like a well crafted resource intensive SQL query. It is very preventable if appropriate anti-automation controls are put into place.

OWASP Links

F5 Related Content

Updated Apr 27, 2023
Version 2.0
No CommentsBe the first to comment