Denial of Service via Algorithmic Complexity

dss902 writes "We (Department of Computer Science, Rice University) present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures... Using bandwidth less than a typical dialup modem, we can bring a dedicated Bro server to its knees; after six minutes of carefully chosen packets, our Bro server was dropping as much as 71% of its traffic and consuming all of its CPU. We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks."

Same Content / Two Links

[Zach+Garner]

I hate to ruin it for everyone, but the second link has the same content as the first, only in PDF format.

Re:Same Content / Two Links

[hazem]

You must be theonly slashdot reader who actually reads the articles. The submitter must have figured he would get away with it!

I've seen this before

[jeffy124]

Several years ago Apache had a function that ran in O(n^2) time, and a HTTP GET request was capable of throwing that function into taking a very long time to process, making it easy to DoS an Apache httpd. The interesting part is that the same function could have been done in O(n) time, but wasnt. The Apache team fixed this by substituting the O(n) algorithm.

Re:I've seen this before

[weezel]

I also remember that problem with Apache. Here's the report and the code change involved for that particular bug.

Re:I've seen this before

[kazad]

For those too lazy to click:

Problem: remove excess slashes from a URL, so /d1///d2////d3/test.html becomes /d1/d2/d3/test.html

Original Algorithm:

If an additional slash is found, copy the remainder of the string over. So

a///b => a//b => a/b

This copying, an inner loop, makes the algorithm O(n^2).

New algorithm:

Have 2 pointers, and copy from one to the other. One pointer skips additional slashes. At the end, throw on a "\0" to terminate the string.

a///b => a/b

The second pointer has a loop to skip over additional slashes, and each slash is only visited once. Thus, the algorithm is O(n).

Cool stuff ... imagine an input like

a///...{500 slashes later}...///b

It could really do some damage to the first algorithm.

duh...

you can use a modem to post a slashdot article with a link to the target computer...

The project page (the one with the details)

[Convergence]

The project page is http://www.cs.rice.edu/~scrosby/hash/ and actually has details about individual vulnerable applications and test files for several systems. (And is kinder on the server for those who don't want to download the whole paper.)

I hope this isn't news to anyone...

[cperciva]

Basically, the paper says this: If you have a hash table into which attackers can insert arbitrary keys, you'd better be using a hash function for which they cannot easily generate collisions.

I don't know if anyone has *published* this before, but it's certainly not new.

Re:I hope this isn't news to anyone...

[KrispyKringle]

It's obvious that there is already plenty of incentive to use a good hash function simply to improve performance, even if people didn't worry about intentional DOS attacks. And of course, using a better hash function is not a solution to the attack per se, any more than getting a fatter pipe is a solution to a traditional DDOS.

The issue is that even the best hash functions perform worse under very specific circumstances, i.e. high numbers of hash collisions. An earlier poster mentioned quicksort; the quicksort algorithm, while being the most (or one of the most) efficient sorting algorithms, is extremely inefficient if given an ordered set already. Obviously, a check can be added to make sure you are not sorting an already sorted algorithm.

Presumably, the same could be done for hash functions, in which, by having a bunch of different hash functions available, the software could revert to an alternate if the primary function appeared to be generating way too many collisions. Just because people hadn't thought about this much or designed software to cope doesn't mean it would be very hard to prevent against.

Re:This just proves that a little finesse still be

[bobthemonkey13]

I agree that DoS attacks are really lame, but at least this is fairly complex and has some interesting technological implications. Most DoS attacks are just floods of packets, and can't really be defended against. This attack can be prevented, and maybe will help improve security in other ways. I'd rather see 10 people who can pull off a preventable algorithmic complexity attack than 10,000 who just packet a server to death. People will write tools, but they'll still remain too hard for moron DDoSer script kiddies to pull off.

Mirror mirror on the wall

[Adam9]

Since you asked nicely..

This is the HTML version (with lots of images not mirrored, sorry) and this is the PDF version.

If the PDF starts hogging the pipe, don't be surprised if it gets symlinked to the HTML version.

Re:Is it just me..?

well, maybe they're figuring out how to fix them. Would you rather a University figuring out how to do it, or some random black hat/chinese hacker?

With this information it shouldn't be too big of a deal to redesign the software to not be vulnerable anymore.

What they did is little more than algorithm analysis. They looked at all the different links in the chain then merely decided which algorithms were the weakest links and exploited them.

This is good because we can now fix those. Robustness abound.

Credits

[alain1234]

Reading the paper which begins with "We present a new class of ..." it sounds like these students discovered a new concept from nowhere.
Maybe their genius has been triggered by the recent advisory about a DOS exploiting hash collisions in netfilter.
They analyzed some softwares but no word about this known vulnerability. Still a good summary but not a discovery.

Re:Credits

We cite Florian's attack in the paper, predate it by several months. And, had you read the actual advisory, you'd already have seen our paper, we're on his highly reccomended reading list on his advisory for the last 2 weeks.

Scott

Re:Credits

[The+Madpostal+Worker]

If you scroll down to the bottom of the advisory you'll see a link to orginal advisory. Here's the begining of the message:

List: linux-kernel
Subject: Route cache performance under stress
From: Florian Weimer <fw () deneb ! enyo ! de>
Date: 2003-04-05 16:37:43
Please read the following paper:

<http://www.cs.rice.edu/~scrosby/tr/HashAttack.pdf >

Then look at the 2.4 route cache implementation.

Short summary: It is possible to freeze machines with 1 GB of RAM and more with a stream of 400 packets per second with carefully chosen source addresses. Not good.

It seems the advisory stems from the paper, not the other way around.

Bugtraq Post

Hello. This is to announce a new class of attack which we have named 'Algorithmic Complexity Attack'. These attacks can perform denial of service and/or cause the victim to consume more CPU time than expected. We have a website for our research paper and project and tentative source code illustrating the solution, universal hashing, available at http://www.cs.rice.edu/~scrosby/hash/

They exploit the difference between 'typical case' behavior versus worst-case behavior. For instance, in a hash table, the performance is usually O(1) for all operations. However in an adversarial environment, the attacker constructs carefully chosen input such that large number of 'hash collisions' occur. Suitable collisions can be computed even when the attacker is limited to as little as 48 or 32 bits.

These attacks can occur over a very wide gamut of software, with impacts ranging from devestating to innocious.

We have studied and found the following applications possibly vulnerable to a greater or lesser degree:

• Mozilla 1.3.1
• DJBDNS 1.05
• TCL 8.4.3
• GLIB 2.2.1
• Python 2.3b1

For the last two, we have a tentative attack file, but have not constructed a test program to confirm the attack.

We have constructed attacks and confirmed the degradation on these:

• Perl 5.6.1
• Perl 5.8.0
• Linux 2.4.20 directory cache (dcache)
• Squid 2.5STABLE1
• Bro IDS 0.8a20

Also related is the recent linux 2.4.20 route cache attack by Florian Weimer. David Miller is working on a patch that fixes other similar issues in other places of the networking stack.

Our paper discusses a new class of denial of service attacks that work by exploiting the difference between average case performance and worst-case performance. In an adversarial environment, the data structures used by an application may be forced to experience their worst case performance. For instance, hash tables are usually thought of as being constant time operations, but with large numbers of collisions will degrade to a linked list and may lead to a 100-10,000 times performance degradation. Because of the widespread use of hash tables, the potential for attack is extremely widespread. Fortunately, in many cases, other limits on the system limit the impact of these attacks.

To be attackable, an application must have a deterministic or predictable hash function and accept untrusted input. In general, for the attack to be signifigant, the applications must be willing and able to accept hundreds to tens of thousands of 'attack inputs'. Because of that requirement, it is difficult to judge the impact of these attack without knowing the source code extremely well, and knowing all ways in which a program is used.

The solution for these attacks on hash tables is to make the hash function unpredictable via a technique known as universal hashing. Universal hashing is a keyed hash function where, based on the key, one of a large set hash functions is chosen. When benchmarking, we observe that for short or medium length inputs, it is comparable in performance to simple predictable hash functions such as the ones in Python or Perl.

I highly advise using a universal hashing library, either our own or someone elses. As is historically seen, it is very easy to make silly mistakes when attempting to implement your own 'secure' algorithm.

The abstract, paper, and a library implementing universal hashing is available at http://www.cs.rice.edu/~scrosby/hash/.

Scott

** Affected Products: Extremely widespread. Confirmed vulnerable applications include Perl, the Linux kernel, the Bro IDS, and the Squid HTTP proxy cache. Although unconfirmed, vulnerablities appear to be in the GLIB utility library, the OpenBSD kernel, DJBDNS cache, TCL, Python, and Mozilla.

We conjecture that many implementations of hash tables in both closed source and open source software, unless specifically designed to be immune, may be subject to attack. It is likely

glib example

[spoonist]

I skimmed the Project Page and aren't a couple of the examples awefully obvious?

The following one line of code brings every UNIX system I've run it on TO ITS KNEES WITHIN MINUTES!! This is a major vulnerability in EVERY UNIX system! Something must be done!

main() { while (1) if (fork() == 0) while(1); }

Re:Denial of service?

[SiMac]

I think he means with the slashdotting.

Thankfully I�m really really stupid

My brain is resistant to attacks using algorithmic complexity