Denial of Service via Algorithmic Complexity

Posted by michael on Saturday May 31, 2003 @11:56AM from the advanced-topics dept.

dss902 writes "We (Department of Computer Science, Rice University) present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures... Using bandwidth less than a typical dialup modem, we can bring a dedicated Bro server to its knees; after six minutes of carefully chosen packets, our Bro server was dropping as much as 71% of its traffic and consuming all of its CPU. We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks."

1 of 257 comments (clear)

Min score:

Reason:

Sort:

Re:Is it just me..? by fadeaway · 2003-05-31 12:18 · Score: 0, Flamebait

How about if they are researching computer security?

Fine. Identify the problem, come up with a solution, then release THAT to the public.. at the very least to render yourself immune from any future legal reprocussions, however misguided they may be.

If I discovered a new poison that could be easily replicated with over the counter products, do I protect the public by releasing the recipie for it, or for the antidote?