Jump to content

Algorithmic complexity attack

Edit links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by JunosTopHat (talk | contribs) at 18:59, 28 November 2022 (introdution). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

      An Algorithmic complexity Attack (ACA) is a form of attack in which the system is attacked by an exhaustion resource to take advantage of worst-case performance.  Worst-case performance through a back-end algorithm results in the exhaustion of the server, this creates algorithmic complexity vulnerabilities. According to Adam Jacobson and Dr. David Renardy, research scientists from Two Six Labs,  “An AC Time vulnerability causes denial of service by exhausting CPU while AC Space vulnerabilities exhaust RAM or disk space.” [1]Examples of ACA attacks are zip-bombs, billion laughs, and ReDoS which are Malicious files aimed to render a program useless. Additionally, as stated by the Cybersecurity and Infrastructure Security Agency, a department within the Department of Homeland Security, “A denial-of-service (DoS) attack occurs when legitimate users are unable to access information systems, devices, or other network resources due to the actions of a malicious cyber threat actor. Services affected may include email, websites, online accounts (e.g., banking), or other services that rely on the affected computer or network.”[2] In other words, DoS attacks are a form of an attack in which a hacker can flood a server which outputs a denial of service error. ACA and DDoS attacks are forms of denial of service attacks in which the hacker can gain information through the Schemas files and its structure. On October 2022, Google released that they experienced the largest DDoS attack to date that took place in September of 2017. Algorithmic complexity and its vulnerabilities are the main components that have given hackers ways to attack algorithms and its servers.

Examples

See also

  • Adversarial input
  • Quicksort - popular and fast in-place sorting algorithm, running on average, but having behaviour if implemented naïvely.

Further reading

  • M. D. McIlroy (1999). "A Killer Adversary for Quicksort" (PDF). Archived (PDF) from the original on 2010-07-14. Retrieved 2010-06-16.
  • Scott A Crosby; Dan S Wallach (2003). "Denial of Service via Algorithmic Complexity Attacks". Archived from the original on 2007-02-02. Retrieved 2010-06-16.


Stub icon

This computer security article is a stub. You can help Wikipedia by expanding it.

  1. ^ "Algorithmic Complexity Vulnerabilities: An Introduction".
  2. ^ "(ST04-015) Understanding Denial-of-Service Attacks". {{cite web}}: line feed character in |title= at position 11 (help)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Algorithmic_complexity_attack&oldid=1124401726"