Denial of Services (DoS) attacks aimed at disrupting network services range
from simple bandwidth exhaustion attacks and those targeted at flaws in commercial
software to complex distributed attacks exploiting specific COTS software flaws.
These types of attack are not new and have been used to devastating effect to
prevent normal operation of the victim sites. Historically, these attacks by
hacktivists and extortionists alike have targeted companies as diverse as eBay
and Microsoft, the RIAA and SCO, and a plethora of online gambling companies.
Attackers have not, as yet, exploited the full range of vulnerabilities present
in many online services - particularly attacks aimed at the application and
data processing layer. With the rise of increasingly targeted and motivated
attacks and attackers, these application level DoS attacks will inevitably be
exploited for nefarious gains.
This paper gives an insight into application level Dos attacks and draws conclusions
This paper is in pdf format. To
view it click here.