Difference between revisions of "Cash Overflow"

From OWASP
Jump to: navigation, search
(Updated grammar, risk factors, threat agents)
 
Line 8: Line 8:
  
 
==Description==
 
==Description==
A Cash Overflow attack is a [[Denial of Service]] attack specifically aimed at exceeding the hosting costs for a cloud application, either essentially bankrupting the service owner or exceeding the application cost limits leading the Cloud Service Provider disabling the application.
+
A Cash Overflow attack is a [[Denial of Service]] attack specifically aimed at exceeding the hosting costs for a cloud application, either essentially bankrupting the service owner or exceeding the application cost limits, leading the cloud service provider to disable the application.
  
 
==Risk Factors==
 
==Risk Factors==
TBD
+
* Given enough resources, fairly easy to launch attack
[[Category:FIXME|need content]]
+
* Quickly detected due to immediate downtime/resources consumption/logging
 +
* Impact usually limited to loss of availability
  
 
==Related [[Threat Agents]]==
 
==Related [[Threat Agents]]==
* [[:Category:Logical Attacks]]
+
* Most likely an [[:Category:Internet_attacker]]
[[Category:FIXME|not a threat agent]]
+
  
 
==Related [[Attacks]]==
 
==Related [[Attacks]]==
Line 26: Line 26:
  
 
==Related [[Controls]]==
 
==Related [[Controls]]==
* TBD
+
* DoS Prevention Techniques
[[Category:FIXME|need links]]
+
  
 
==References==
 
==References==

Latest revision as of 17:31, 30 December 2013

This is an Attack. To view all attacks, please see the Attack Category page.




Last revision (mm/dd/yy): 12/30/2013


Description

A Cash Overflow attack is a Denial of Service attack specifically aimed at exceeding the hosting costs for a cloud application, either essentially bankrupting the service owner or exceeding the application cost limits, leading the cloud service provider to disable the application.

Risk Factors

  • Given enough resources, fairly easy to launch attack
  • Quickly detected due to immediate downtime/resources consumption/logging
  • Impact usually limited to loss of availability

Related Threat Agents

Related Attacks

Related Vulnerabilities

Related Controls

  • DoS Prevention Techniques

References