Slashdot Mirror


Denial of Service via Algorithmic Complexity

dss902 writes "We (Department of Computer Science, Rice University) present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures... Using bandwidth less than a typical dialup modem, we can bring a dedicated Bro server to its knees; after six minutes of carefully chosen packets, our Bro server was dropping as much as 71% of its traffic and consuming all of its CPU. We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks."

10 of 257 comments (clear)

  1. Denial of service? by cperciva · · Score: 4, Funny

    They claim to present a new method of low-bandwidth denial of service attack, but it looks like they're demonstrating quite an old, high-bandwidth, denial of service.

    1. Re:Denial of service? by SiMac · · Score: 5, Funny

      I think he means with the slashdotting.

  2. duh... by Anonymous Coward · · Score: 5, Funny

    you can use a modem to post a slashdot article with a link to the target computer...

  3. DOS attack by IO+ERROR · · Score: 4, Funny
    And by posting our links on /. we can bring our departmental WWW server to its knees with a single HTTP POST request.

    Anyone got mirrors yet?

    --
    How am I supposed to fit a pithy, relevant quote into 120 characters?
  4. Is it just me..? by fadeaway · · Score: 4, Funny

    This doesn't sit well with me. Should students at a University be studying, developing, and releasing improved methods with which to launch DOS attacks..?

  5. It's not a Bro by St.+Vitus · · Score: 4, Funny

    It's a Mansierre!

  6. Say what? by Znonymous+Coward · · Score: 4, Funny

    ...we can bring a dedicated _Bro_ server to its knees...

    Why they always trin' to bring the black man down?

    --

    Karma: The shiznight, mostly because I am the Drizzle.

  7. Re:Same Content / Two Links by hazem · · Score: 5, Funny

    You must be theonly slashdot reader who actually reads the articles. The submitter must have figured he would get away with it!

  8. glib example by spoonist · · Score: 5, Funny

    I skimmed the Project Page and aren't a couple of the examples awefully obvious?

    The following one line of code brings every UNIX system I've run it on TO ITS KNEES WITHIN MINUTES!! This is a major vulnerability in EVERY UNIX system! Something must be done!

    main() { while (1) if (fork() == 0) while(1); }
  9. Thankfully I�m really really stupid by Anonymous Coward · · Score: 5, Funny

    My brain is resistant to attacks using algorithmic complexity