OWASP Periodic Table of Vulnerabilities - Denial of Service (Application Based)

Return to Periodic Table Working View

Root Cause Summary
The root cause of an Application Based denial of service is when an attacker uses/exhausts/depletes all of the resources (such as bandwidth, database connections, disk storage, CPU, memory, threads, or application specific resources) on a system preventing legitimate users from using the system. To prevent depletion of resources the application must restrict the size or amount of resources that are requested or used.

Browser / Standards Solution
None

Perimeter Solution
Perimeter anti-automation for application-based DoS is identical to Generic Brute Force.

Generic Framework Solution
None

Custom Framework Solution
None

Custom Code Solution
Profile resource-dependent transactions and build transaction queues and alerting when queues reach thresholds. Enforce transaction-based rate limits.

Discussion / Controversy
Denial of service vulnerabilities have other names including “resource exhaustion” and “resource depletion” and there are other types of denial of service attacks different from application including network and connection based.