An algorithmic complexity attack (ACA) is a form of attack in which an attacker sends a pattern of requests to a computer system that triggers the worst-case performance of the algorithms it uses. In turn, this may exhaust the resources the system uses. Examples of such attacks include ReDOS, zip bombs and exponential entity expansion attacks.
References
- Crosby, Scott A.; Wallach, Dan S. (2003). "Denial of Service via Algorithmic Complexity Attacks". Proceedings of the 12th USENIX Security Symposium.
- "Regular expression Denial of Service - ReDoS | OWASP Foundation". owasp.org. Retrieved 2023-10-17.
Related works
- Grechishnikov, E V; Dobryshin, M M; Kochedykov, S S; Novoselcev, V I (April 2019). "Algorithmic model of functioning of the system to detect and counter cyber attacks on virtual private network". Journal of Physics: Conference Series. 1203 (1): 012064. Bibcode:2019JPhCS1203a2064G. doi:10.1088/1742-6596/1203/1/012064. S2CID 149475216. ProQuest 2566108871.
- Afek, Yehuda; Bremler-Barr, Anat; Harchol, Yotam; Hay, David; Koral, Yaron (December 2016). "Making DPI Engines Resilient to Algorithmic Complexity Attacks". IEEE/ACM Transactions on Networking. 24 (6): 3262–3275. doi:10.1109/TNET.2016.2518712. S2CID 14522075.
- Vahidi, Ardalan. “Crowdsourcing Phase and Timing of Pre-Timed Traffic Signals in the Presence of Queues: Algorithms and Back-End System Architecture.” Ieeexplore, 1 Nov. 2019, https://ieeexplore.ieee.org/abstract/document/7323843.
- Kiner, Emil, and Satya Konduru. “How Google Cloud Blocked the Largest Layer 7 DDoS Attack yet, 46 Million Rps.” Google Cloud Blog, 18 Aug. 2022, cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps.
 | This computer security article is a stub. You can help Misplaced Pages by expanding it. |