OWASP Automated Threats - OAT-015 Denial of Service
Introduction:
In this OWASP Automated Threat article we'll highlight OAT-015 Denial of Service with some basic threat information, as well as a recorded demo that dives deeper into the concepts. In the demo we'll explain how adversaries use DoS to impact applications and why a layered approach is required to protect them. We'll wrap up by highlighting F5 Distributed Cloud Services to show how we solve this problem for our customers.
DoS Description:
Usage may resemble legitimate application usage, but leads to exhaustion of resources such as file system, memory, processes, threads, CPU, and human or financial resources. The resources might belong to web, application or database servers, or to other services supporting the application, such as third-party APIs, included third-party hosted content, or content delivery networks (CDNs). The application may be affected as a whole, or the attack may be aimed at individual users, for example by forcing account lockout.
| OWASP Automated Threat (OAT) Identity Number | Threat Event Name | Summary Defining Characteristics |
|---|---|---|
| OAT-015 | Denial of Service | Target resources of the application and database servers, or individual user accounts, to achieve denial of service (DoS). |
OAT-015 Attack Demographics:
| Sectors Targeted | Parties Affected | Data Commonly Misused | Other Names and Examples | Possible Symptoms |
|---|---|---|---|---|
| Entertainment | Few Individual Users | | Account Lockout | Spikes in CPU, memory, network utilization |
| Financial | Application Owner | | App layer DDoS | Unavailability of application |
| Retail | Many Users | | Forced Deadlock | Rise in user account lockouts |
| Government | | | Resource Depletion | |
| Technology | | | | |
| Social Networking | | | | |
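The symptoms in the table are what a defender actually sees first, so here is an added example (written for this article, not code from the page's demo or from F5 Distributed Cloud) that turns two of them into detection logic run over constructed access-log lines: a per-source request-rate spike, and a rise in account lockouts caused by one source burning bad passwords against other people's accounts. The log format, the lockout policy (five consecutive failures lock an account), the thresholds and every sample line are assumptions made for the demo.

```python
import re
from collections import defaultdict, deque
from typing import Dict, List, Set, Tuple

# Constructed log format (an assumption for this demo, not a real server's format):
# "<unix_ts> <client_ip> <method> <path> <status> <user-or-dash>"
LINE_RE = re.compile(r"^(\d+) (\S+) ([A-Z]+) (\S+) (\d{3}) (\S+)$")

Event = Tuple[int, str, str, str, int, str]


def build_sample_log() -> str:
    """Constructed traffic: background browsing, one client flooding an expensive
    search endpoint, and one client deliberately locking out other users' accounts."""
    lines = []
    # Five ordinary clients, one request every 20 seconds.
    for i in range(1, 6):
        for k in range(3):
            lines.append(f"{1700000000 + i + 20 * k} 203.0.113.{i} GET /catalog 200 -")
    # Application-layer DoS: 120 expensive searches from one client within 30 s.
    for k in range(120):
        lines.append(f"{1700000010 + k // 4} 198.51.100.7 GET /search?q=zzz 200 -")
    # DoS against individual users: five bad passwords for each of four accounts.
    for a, user in enumerate(["alice", "carol", "dave", "erin"]):
        for k in range(5):
            lines.append(f"{1700000020 + 5 * a + k} 198.51.100.9 POST /login 401 {user}")
    # A legitimate user who mistypes twice and then succeeds must not be flagged.
    lines.append("1700000030 203.0.113.9 POST /login 401 bob")
    lines.append("1700000035 203.0.113.9 POST /login 401 bob")
    lines.append("1700000040 203.0.113.9 POST /login 200 bob")
    return "\n".join(lines)


def parse_log(text: str) -> List[Event]:
    """Parse lines in the constructed format; lines that do not match are skipped."""
    events: List[Event] = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, ip, method, path, status, user = m.groups()
            events.append((int(ts), ip, method, path, int(status), user))
    events.sort(key=lambda e: e[0])
    return events


def rate_spikes(events: List[Event], window: int = 60, threshold: int = 50) -> Dict[str, int]:
    """Peak request count per source over any `window`-second span, reported for
    sources whose peak exceeds `threshold` (the CPU/memory/network spike symptom)."""
    recent: Dict[str, deque] = defaultdict(deque)
    peak: Dict[str, int] = defaultdict(int)
    for ts, ip, *_ in events:
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:  # drop timestamps that fell out of the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > threshold}


def lockout_storm(events: List[Event], lockout_after: int = 5,
                  min_accounts: int = 3) -> Tuple[Set[str], Set[str]]:
    """Replay the login stream against an assumed lockout policy (`lockout_after`
    consecutive failures lock the account; a success resets the count). Once at
    least `min_accounts` accounts are locked (the 'rise in user account lockouts'
    symptom), return the locked accounts and the sources that caused the failures."""
    failures: Dict[str, int] = defaultdict(int)
    sources: Dict[str, Set[str]] = defaultdict(set)
    locked: Set[str] = set()
    for _ts, ip, method, path, status, user in events:
        if method != "POST" or not path.startswith("/login") or user == "-":
            continue
        if status == 200:
            failures[user] = 0
            continue
        failures[user] += 1
        sources[user].add(ip)
        if failures[user] >= lockout_after:
            locked.add(user)
    if len(locked) < min_accounts:
        return set(), set()
    return locked, set().union(*(sources[u] for u in locked))


if __name__ == "__main__":
    ev = parse_log(build_sample_log())
    print("rate spikes:", rate_spikes(ev))
    print("lockout storm:", lockout_storm(ev))
```

Running it flags 198.51.100.7 with a peak of 120 requests in the window and reports four locked accounts all traceable to 198.51.100.9, while bob's two typos are ignored. Note that the lockout case produces no utilization spike at all: twenty requests locked four users out, which is why "rise in user account lockouts" is listed as its own symptom in the table.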
DoS Presentation:
In this presentation we discuss how attackers leverage automation to execute DoS against applications. These attacks may be intentional or unintentional, but the consequences are the same. We then show how to quickly protect your application with F5 Distributed Cloud Bot Defense.
In Conclusion:
DoS continues to be used against adversaries and competitors. It can be as mundane as scraping that is triggered too often, or as deliberate as a well-crafted, resource-intensive SQL query. It is very preventable when appropriate anti-automation controls are put in place.
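As an added illustration of what "anti-automation controls" can mean at the edge (this is example code written for this article, not the implementation behind F5 Distributed Cloud Bot Defense), the following cost-aware rate limiter charges each request according to how expensive its endpoint is for the origin. A client that repeatedly triggers the resource-intensive search exhausts its budget in seconds and gets a 429 before the database does any work, while a client browsing cheap pages at the same budget is never throttled. The endpoint costs, bucket size, refill rate and client addresses are assumptions chosen for the demo.

```python
from typing import Dict

# Assumed cost model (constructed for the demo): endpoints that drive expensive
# database work spend more of a client's budget than cheap ones.
ENDPOINT_COST = {"/search": 10, "/login": 5, "/catalog": 1}
DEFAULT_COST = 1


class TokenBucket:
    """Classic token bucket: `capacity` tokens, refilled at `refill_per_sec`."""

    def __init__(self, capacity: float, refill_per_sec: float, now: float):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.tokens = capacity
        self.last = now

    def take(self, cost: float, now: float) -> bool:
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.refill_per_sec)
        self.last = now
        if self.tokens >= cost:
            self.tokens -= cost
            return True
        return False


class CostAwareLimiter:
    """One bucket per client key; each request is charged the cost of its endpoint,
    so a client hammering the expensive endpoint runs dry long before a client
    browsing cheap pages does."""

    def __init__(self, capacity: float = 60.0, refill_per_sec: float = 1.0):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets: Dict[str, TokenBucket] = {}

    def check(self, client: str, path: str, now: float) -> int:
        """HTTP status the edge should answer with: 200 to forward the request,
        429 to reject it before it reaches the origin or the database."""
        endpoint = path.split("?", 1)[0]
        cost = ENDPOINT_COST.get(endpoint, DEFAULT_COST)
        bucket = self.buckets.get(client)
        if bucket is None:
            bucket = self.buckets[client] = TokenBucket(self.capacity, self.refill_per_sec, now)
        return 200 if bucket.take(cost, now) else 429


def replay(limiter: CostAwareLimiter, client: str, path: str,
           count: int, start: float, interval: float) -> int:
    """Send `count` requests spaced `interval` seconds apart; return how many pass."""
    return sum(1 for k in range(count)
               if limiter.check(client, path, start + k * interval) == 200)


if __name__ == "__main__":
    lim = CostAwareLimiter()
    print("flood: 120 searches at 4/s ->", replay(lim, "198.51.100.7", "/search?q=zzz", 120, 0.0, 0.25))
    print("browsing: 30 catalog hits at 1/s ->", replay(lim, "203.0.113.1", "/catalog", 30, 0.0, 1.0))
    print("normal search: 5 at one per 10 s ->", replay(lim, "203.0.113.2", "/search?q=ok", 5, 0.0, 10.0))
```

With a 60-token bucket refilling at one token per second, the flooding client gets only 8 of its 120 searches through (the first six from the full bucket, then one every 40 seconds), whereas the catalog browser and the occasional searcher are never rejected. A bucket keyed on the client address alone is only one layer: an attacker spread across many sources, or one abusing the lockout mechanism with a handful of requests per account, stays under any per-source budget, which is the reason the layered approach argued for above matters.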
OWASP Links
- OWASP Automated Threats to Web Applications Home Page
- OWASP Automated Threats Identification Chart
- OWASP Automated Threats to Web Applications Handbook
F5 Related Content
- F5 Bot Defense Solutions
- The OWASP Automated Threats Project
- OWASP Automated Threats - CAPTCHA Defeat (OAT-009)
- OWASP Automated Threats - OAT-014 Vulnerability Scanning
- Operationalizing Online Fraud Detection, Prevention, and Response
- JavaScript Supply Chains, Magecart, and F5 XC Client-Side Defense (Demo)
- How Attacks Evolve From Bots to Fraud Part: 1
- How Attacks Evolve From Bots to Fraud Part: 2
- F5 Distributed Cloud Bot Defense