Service Denied! Understanding How Regex DoS Attacks Work
Offered By: Ruby Central via YouTube
Course Description
Overview
Explore the inner workings of regex denial of service (DoS) attacks in this 31-minute RailsConf 2022 talk. Dive into the CRuby regex engine to understand how regular expressions function and why certain string inputs can overwhelm your Rails application. Learn to identify vulnerable regex patterns, comprehend the CPU-intensive nature of these attacks, and discover effective strategies to protect your application from potential threats. Gain valuable insights into algorithmic complexity, state machines, NFA vs DFA, and backtracking to enhance your understanding of regex security in Rails development.
Syllabus
Introduction
Rails Infrastructure Team
Context
Denial of Service
Benchmarks
Algorithmic Complexity
Regex Example
Regular Expressions
State Machines
NFA vs DFA
Backtracking
How to Avoid
Outro
Taught by
Ruby Central
Related Courses
Authentication & Authorization: OAuthUdacity Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Hacking and Patching
University of Colorado System via Coursera Fundamentals of Computer Network Security
University of Colorado System via Coursera