Dailydave mailing list archives

Re: Algorithmic Bugs


From: Matt Beaumont <mattb () cs ucla edu>
Date: Wed, 10 Jan 2007 12:51:48 -0800

On Wed, Jan 10, 2007 at 12:37:11 -0500, Dave Aitel wrote:
> You can send a remarkably small stream of data at a NIDS and cause it
> to go to 100% CPU and stop doing analysis if you send the RIGHT stream
> of data.

The canonical paper is Rice and Wallach's "Denial of Service via Algorithmic
Complexity Attacks" [1], from USENIX Security '03. They also have a page [2]
with some followup work identifying specific vulnerabilities.

Cheers,
Matt

[1] http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf
[2] http://www.cs.rice.edu/~scrosby/hash/