An XML denial-of-service attack (XDoS attack) is a content-borne
denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
whose purpose is to shut down a web service or system running that service. A common XDoS attack occurs when an
XML
Extensible Markup Language (XML) is a markup language and file format for storing, transmitting, and reconstructing arbitrary data. It defines a set of rules for encoding documents in a format that is both human-readable and machine-readable ...
message is sent with a multitude of
digital signatures
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...
and a naive
parser
Parsing, syntax analysis, or syntactic analysis is the process of analyzing a string of symbols, either in natural language, computer languages or data structures, conforming to the rules of a formal grammar. The term ''parsing'' comes from Lat ...
would look at each signature and use all the
CPU cycles, eating up all resources. These are less common than inadvertent XDoS attacks which occur when a programming error by a trusted customer causes a handshake to go into an infinite loop.
See also
*
Denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host conn ...
*
Application layer DDoS attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connec ...
*
Billion laughs
In computer security, a billion laughs attack is a type of denial-of-service (DoS) attack which is aimed at parsers of XML documents.
It is also referred to as an XML bomb or as an exponential entity expansion attack.
Details
The example attac ...
*
Command and control (malware)
A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...
*
DDoS mitigation
*
Fork bomb
In computing, a fork bomb (also called rabbit virus or wabbit) is a denial-of-service attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unav ...
*
High Orbit Ion Cannon
High Orbit Ion Cannon (HOIC) is an open-source network stress testing and denial-of-service attack application designed to attack as many as 256 URLs at the same time. It was designed to replace the Low Orbit Ion Cannon which was developed by ...
(HOIC)
*
Hit-and-run DDoS
Hit-and-run DDoS is a type of denial-of-service (DDoS) attack that uses short bursts of high volume attacks in random intervals, spanning a time frame of days or weeks. The purpose of a hit-and-run DDoS is to prevent a user of a service from usi ...
*
Industrial espionage
*
Infinite loop
In computer programming, an infinite loop (or endless loop) is a sequence of instructions that, as written, will continue endlessly, unless an external intervention occurs ("pull the plug"). It may be intentional.
Overview
This differs from:
* ...
*
Intrusion detection system
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ...
*
Low Orbit Ion Cannon
Low Orbit Ion Cannon (LOIC) is an open-source network stress testing and denial-of-service attack application written in C#. LOIC was initially developed by Praetox Technologies, however it was later released into the public domain and is cur ...
(LOIC)
*
Network intrusion detection system
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ...
*
ReDoS A regular expression denial of service (ReDoS)
is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression and/or an input that takes a long time to evaluate. The attack exploits the fact that many reg ...
*
SlowDroid
SlowDroid is the firstAlturki, A. A. U. M. A., Vivek, T. B. K. M. K., & Talcott, N. A. S. C. (2019). Resource-Bounded Intruders in Denial of Service Attacks. denial of service attack which allows a single mobile device to take down a network ser ...
*
Slowloris (computer security)
Slowloris is a type of denial of service attack tool which allows a single machine to take down another machine's web server with minimal bandwidth and side effects on unrelated services and ports.
Slowloris tries to keep many connections to th ...
*
Zombie (computer science)
In computing, a zombie is a computer connected to the Internet that has been computer security, compromised by a Hacker (computer security), hacker via a computer virus, computer worm, or Trojan horse (computing), trojan horse program and can b ...
XML
{{malware-stub