YoVDO

Denial of Service with a Fistful of Packets - Exploiting Algorithmic Complexity Vulnerabilities

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Denial-of-Service Attacks Courses Enterprise Software Courses

Course Description

Overview

Explore algorithmic complexity (AC) vulnerabilities in this Black Hat conference talk. Learn how attackers can exploit algorithms to cause significant server workload with minimal input. Discover the mechanics behind decompression bombs and ASCII hex decoding attacks. Witness live demonstrations of unauthenticated vulnerabilities and their impacts on enterprise software. Understand the implications for password strength estimation tools. Gain insights into common themes in AC vulnerabilities and acquire tools to identify and mitigate these risks. Suitable for security professionals and developers interested in enhancing application resilience against denial-of-service attacks.

Syllabus

Introduction
What are algorithmic complexity vulnerabilities
Decompression bombs
ASCII hex decode
Demo
Impact
Unauthenticated Vulnerability
Demonstration
Bonus vulnerability
Impacts
Password Strength Estimation Tool
Impact on Enterprise Software
Demo of Attack
What You Can Do
Common Themes
Tools
Audience
Outro


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network