Finding Local Resource Exhaustion Vulnerabilities

Computer systems connected to the Internet are highly susceptible to hackers that can compromise the service availability through denial of service attacks, causing damage to customers and service providers. Our work focuses on using the attack injection methodology with some advanced monitoring capabilities to detect and identify local resource exhaustion vulnerabilities. It goes even further by providing valuable insight about the effort necessary for an attacker to exploit them and for the target system to be able to sustain the attacks.

[1]  Barton P. Miller,et al.  An empirical study of the reliability of UNIX utilities , 1990, Commun. ACM.

[2]  Jean Arlat,et al.  Fault injection for dependability validation of fault-tolerant computing systems , 1989, [1989] The Nineteenth International Symposium on Fault-Tolerant Computing. Digest of Papers.

[3]  Henrique Madeira,et al.  Xception: Software Fault Injection and Monitoring in Processor Functional Units1 , 1995 .

[4]  Miguel Correia,et al.  Using Attack Injection to Discover New Vulnerabilities , 2006, International Conference on Dependable Systems and Networks (DSN'06).

[5]  Ravishankar K. Iyer,et al.  Measuring Fault Tolerance with the FTAPE Fault Injection Tool , 1995, MMB.