Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-125:Flooding
Attack Pattern ID:125
Version:v3.9
Attack Pattern Name:Flooding
Abstraction:Meta
Status:Stable
Likelihood of Attack:High
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
▼Description
An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.
▼Extended Description
▼Alternate Terms
▼Relationships
NatureTypeIDName
ParentOfS482TCP Flood
ParentOfS486UDP Flood
ParentOfS487ICMP Flood
ParentOfS488HTTP Flood
ParentOfS489SSL Flood
ParentOfS490Amplification
ParentOfS528XML Flood
ParentOfS666BlueSmacking
Nature: ParentOf
Type: Standard
ID: 482
Name: TCP Flood
Nature: ParentOf
Type: Standard
ID: 486
Name: UDP Flood
Nature: ParentOf
Type: Standard
ID: 487
Name: ICMP Flood
Nature: ParentOf
Type: Standard
ID: 488
Name: HTTP Flood
Nature: ParentOf
Type: Standard
ID: 489
Name: SSL Flood
Nature: ParentOf
Type: Standard
ID: 490
Name: Amplification
Nature: ParentOf
Type: Standard
ID: 528
Name: XML Flood
Nature: ParentOf
Type: Standard
ID: 666
Name: BlueSmacking
▼Execution Flow
▼Prerequisites
Any target that services requests is vulnerable to this attack on some level of scale.
▼Skills Required
▼Resources Required
A script or program capable of generating more requests than the target can handle, or a network or cluster of objects all capable of making simultaneous requests.
▼Indicators
▼Consequences
ScopeLikelihoodImpactNote
AvailabilityN/AUnreliable ExecutionResource ConsumptionA successful flooding attack compromises the availability of the target system's service by exhausting its available resources.
Scope: Availability
Likelihood: N/A
Impact: Unreliable Execution, Resource Consumption
Note: A successful flooding attack compromises the availability of the target system's service by exhausting its available resources.
▼Mitigations
Ensure that protocols have specific limits of scale configured.
Specify expectations for capabilities and dictate which behaviors are acceptable when resource allocation reaches limits.
Uniformly throttle all requests in order to make it more difficult to consume resources more quickly than they can again be freed.
▼Example Instances
▼Related Weaknesses
IDName
CWE-404Improper Resource Shutdown or Release
CWE-770Allocation of Resources Without Limits or Throttling
ID: CWE-404
Name: Improper Resource Shutdown or Release
ID: CWE-770
Name: Allocation of Resources Without Limits or Throttling
▼Taxonomy Mappings
Taxonomy NameEntry IDEntry Name
ATTACK1498.001Network Denial of Service: Direct Network Flood
ATTACK1499Endpoint Denial of Service
WASC10Denial of Service
OWASP AttacksN/ATraffic flood
Taxonomy Name: ATTACK
Entry ID: 1498.001
Entry Name: Network Denial of Service: Direct Network Flood
Taxonomy Name: ATTACK
Entry ID: 1499
Entry Name: Endpoint Denial of Service
Taxonomy Name: WASC
Entry ID: 10
Entry Name: Denial of Service
Taxonomy Name: OWASP Attacks
Entry ID: N/A
Entry Name: Traffic flood
▼Notes
▼References
Details not found