OWASP Automated Threat (OAT-015) Denial of Service

Denial of Service – Target resources of the application and database servers or individual user accounts, to achieve denial of service (DoS)

What is Denial of Service?

Denial of Service is an online security threat in which an attacker aims to make systems, applications or networks unavailable to their intended users by temporarily or indefinitely disrupting the services of a host connected to the internet.

Usage may resemble legitimate application usage but leads to exhaustion of resources such as file system, memory, processes, threads, CPU, and human or financial resources. The resources might be related to web, application or database servers or other services supporting the application, such as third-party APIs, included third-party hosted content, or content delivery networks. The application may be affected as a whole, or the attack may be against individual users, such as through account lockout.

Denial of Service is usually achieved by flooding the targeted resource with superfluous requests in an attempt to overload systems and block some/all requests from being fulfilled. These attacks are characterized by an attempt to prevent legitimate users of a service from using that service.

In such cases, the incoming traffic can originate from various sources, possibly thousands or more, which effectively makes it impossible to stop the attack by blocking a single IP address. There are two main types of Denial of Service (DoS): those that crash services and those that flood them. With distributed DoS (DDoS) attacks, an attacker uses more than one unique IP address.

Denial of Service is also known by terms such as account lockout, App layer DDoS, asymmetric resource consumption, business logic DDoS, cash overflow, forced deadlock, hash DoS, inefficient code, indexer DoS, large files DoS, resource depletion, locking or exhaustion and sustained client engagement.

The Symptoms of Denial of Service

OWASP, the worldwide not-for-profit charitable organization focused on improving the security of software, notes that there are several possible symptoms of denial of service. These include:

  1. Spikes in CPU, memory and network utilization

  2. Unavailability of part or all of the application

  3. A rise in user account lockouts

  4. Increase in complaints about poor performance

  5. Reduced website performance and service degradation
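The third symptom can be watched for directly in authentication logs. The Python sketch below is an added example, not OWASP's or any vendor's code: it flags a minute whose lockout count jumps well above the recent baseline and reports how many sources were involved, which shows why a per-IP rule alone misses a distributed attack. The event tuple format, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample events: (minute, source_ip, account, outcome).
# Minutes 0-4 are normal traffic; minute 5 is a distributed lockout burst.
def build_sample():
    events = []
    for minute in range(5):
        events.append((minute, "198.51.100.7", f"user{minute}", "LOCKOUT"))
        for i in range(20):
            events.append((minute, f"192.0.2.{i}", f"user{i}", "LOGIN_OK"))
    for i in range(40):  # each source locks out a single account once
        events.append((5, f"203.0.113.{i}", f"victim{i}", "LOCKOUT"))
    return events

def lockout_spikes(events, factor=5, min_count=10, per_ip_limit=3):
    """Flag minutes whose lockout count is at least `factor` times the
    median of earlier quiet minutes and at least `min_count` overall."""
    per_minute = defaultdict(list)
    for minute, ip, account, outcome in events:
        bucket = per_minute[minute]  # minutes with no lockouts still count
        if outcome == "LOCKOUT":
            bucket.append((ip, account))
    alerts, history = [], []
    for minute in sorted(per_minute):
        hits = per_minute[minute]
        baseline = median(history) if history else None
        if baseline is not None and len(hits) >= max(min_count, factor * baseline):
            per_ip = defaultdict(int)
            for ip, _ in hits:
                per_ip[ip] += 1
            alerts.append({
                "minute": minute,
                "lockouts": len(hits),
                "baseline": baseline,
                "distinct_sources": len(per_ip),
                "accounts": len({account for _, account in hits}),
                # True only if a single source alone crosses the per-IP limit
                "per_ip_rule_fires": any(n > per_ip_limit for n in per_ip.values()),
            })
        else:
            history.append(len(hits))  # only quiet minutes feed the baseline
    return alerts

if __name__ == "__main__":
    for alert in lockout_spikes(build_sample()):
        print(alert)
```

On the sample data the aggregate check raises one alert for minute 5 while `per_ip_rule_fires` stays false, because no single address exceeds the per-IP limit.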

Sectors Targeted by Denial of Service

Denial of service attacks are aimed at a variety of industries, including the entertainment, financial, government, retail, technology and social networking industries.

OWASP, the worldwide not-for-profit charitable organization focused on improving the security of software, says denial of service targets resources of the application and database servers or individual user accounts.

Ways to Prevent Denial of Service Security Threat

OWASP suggests possible countermeasures to address the threat of denial of service, which include:

Organisations should adopt robust security solutions that defend against application DDoS attacks. They should also block the bad bots used by fraudsters.

Online businesses can also opt for a bot mitigation solution that prevents carding and other OWASP automated threats in real time without affecting any legitimate visitors. Such solutions harden web application security by eliminating malicious bots. Bot mitigation is probably the most accurate solution for preventing OWASP Automated Threats and also ensures real-time protection against malicious bots.

Protect your website from denial of service and other OWASP automated threats by adopting these security measures, and keep all types of bad bots off your website.