An attacker initiates a resource depletion attack where a large number of
small XML messages are delivered at a sufficiently rapid rate to cause a
denial of service or crash of the target. Transactions such as repetitive
SOAP transactions can deplete resources faster than a simple flooding attack
because of the additional resources used by the SOAP protocol and the
resources necessary to process SOAP messages. The transactions used are
immaterial as long as they cause resource utilization on the target. In
other words, this is a normal flooding attack augmented by using messages
that will require extra processing on the target.
Attack Prerequisites
The target must receive and process XML transactions
Resources Required
Transaction generator(s)/source(s) and the ability to cause messages to arrive
at the target with sufficient rapidity to overload it. Larger targets may be able
to handle large volumes of requests so the attacker may require significant
resources (such as a distributed bot network) to affect the target. However, the
resources required of the attacker would be less than in the case of a simple
flooding attack against the same target.
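
The detection sketch below is an added example, not part of the CAPEC entry. It shows why a per-source limit on bytes misses this pattern while a limit on processing cost catches it. The log records, addresses, thresholds and the per-request `cpu_ms` measurement are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_S = 1.0         # sliding window length in seconds (assumed)
MAX_BYTES = 1_000_000  # volumetric limit per source per window (assumed)
MAX_CPU_MS = 200.0     # processing-cost limit per source per window (assumed)

def detect(records, window=WINDOW_S, max_bytes=MAX_BYTES, max_cpu_ms=MAX_CPU_MS):
    """records: (ts_seconds, source, body_bytes, cpu_ms) tuples sorted by ts.
    cpu_ms is the time the server spent parsing and handling that message.
    Returns {source: set of limits that source exceeded}."""
    recent = defaultdict(deque)              # per-source records inside the window
    totals = defaultdict(lambda: [0, 0.0])   # per-source [bytes, cpu_ms] in window
    flagged = defaultdict(set)
    for ts, src, nbytes, cpu in records:
        q, tot = recent[src], totals[src]
        q.append((ts, nbytes, cpu))
        tot[0] += nbytes
        tot[1] += cpu
        # Drop records that have aged out of the window.
        while q and q[0][0] <= ts - window:
            _, old_bytes, old_cpu = q.popleft()
            tot[0] -= old_bytes
            tot[1] -= old_cpu
        if tot[0] > max_bytes:
            flagged[src].add("bytes")
        if tot[1] > max_cpu_ms:
            flagged[src].add("cpu")
    return dict(flagged)

def constructed_sample():
    """Constructed log: one flooding source and one ordinary client."""
    recs = []
    # 192.0.2.10: 400 small SOAP requests per second for 2 s,
    # 300 bytes on the wire and 1.5 ms of processing each.
    for i in range(800):
        recs.append((i / 400, "192.0.2.10", 300, 1.5))
    # 192.0.2.20: 5 requests per second, 2 KB and 2 ms each.
    for i in range(10):
        recs.append((i / 5, "192.0.2.20", 2048, 2.0))
    return sorted(recs)

if __name__ == "__main__":
    print(detect(constructed_sample()))
```

The flooding source stays near 120 KB per second, well under the byte limit, but accumulates about 600 ms of processing per second and trips only the cost limit.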
Copyright 2009, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.