Denial of service attacks attempt to make a computer resource unavailable or insufficiently available to its intended users. Such attacks are generally of greater concern for persistent, server-type systems than for desktop applications; nevertheless, denial of service issues can arise for all classes of application.
Denial of service can occur when resource usage is disproportionately large in comparison to the input data that causes the resource usage. Checking inputs for excessive resource consumption may be unjustified for client software that expects the user to handle resource-related problems. Even such client software, however, should check for inputs that could cause persistent denial of service, such as filling up the file system.
The _Secure Coding Guidelines for the Java Programming Language_ \[[SCG 2009|AA. References#SCG 09]\] lists some examples of possible attacks: |
Rules regarding prevention of denial of service attacks resulting from resource exhaustion include:
Some denial of service attacks operate by attempting to induce concurrency-related problems such as thread deadlock, thread starvation, and race conditions.
Rules regarding prevention of denial of service attacks resulting from concurrency issues include:
Additional rules regarding prevention of denial of service attacks include:
A number of additional rules address vulnerabilities that can enable denial of service attacks, but that are insufficient to cause denial of service on their own. These rules include: