Denial of Service with a Fistful of Packets - Exploiting Algorithmic Complexity Vulnerabilities
Offered By: Black Hat via YouTube
Course Description
Overview
Explore algorithmic complexity (AC) vulnerabilities in this Black Hat conference talk. Learn how attackers can exploit algorithms to cause significant server workload with minimal input. Discover the mechanics behind decompression bombs and ASCII hex decoding attacks. Witness live demonstrations of unauthenticated vulnerabilities and their impacts on enterprise software. Understand the implications for password strength estimation tools. Gain insights into common themes in AC vulnerabilities and acquire tools to identify and mitigate these risks. Suitable for security professionals and developers interested in enhancing application resilience against denial-of-service attacks.
Syllabus
Introduction
What are algorithmic complexity vulnerabilities
Decompression bombs
ASCII hex decode
Demo
Impact
Unauthenticated Vulnerability
Demonstration
Bonus vulnerability
Impacts
Password Strength Estimation Tool
Impact on Enterprise Software
Demo of Attack
What You Can Do
Common Themes
Tools
Audience
Outro
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network