Universidade de Lisboa
Systems connected to the Internet are highly susceptible to denial-of-service attacks that can compromise service availability, causing damage to customers and providers. Because of errors in the design or coding phases, particular client-server interactions can consume far more resources than necessary, which makes them easier to exploit. To address this issue, we propose a new methodology for detecting and identifying local resource exhaustion vulnerabilities. The methodology also predicts the effort needed to exploit a specific vulnerability, which helps support decisions about how to configure a system so that it can sustain an attack of a given magnitude. The methodology was implemented in a tool called PREDATOR, which automatically generates malicious traffic and performs post-processing analysis to build accurate resource usage projections for a given target server. The validity of the approach was demonstrated with several synthetic programs and well-known DNS servers.