The term slow DoS attack (SDA) was introduced in 2013,[1] to clearly define a specific category of denial-of-service attacks which make use of low-bandwidth rate to accomplish their purpose. Similar terms can be found in literature, such as:
application layer DoS,[2] focusing on attacks targeting the application layer only, while a slow DoS attack may exploit lower-layers of the ISO/OSI stack
low-rate DoS,[3] focusing on the characteristics of using a limited amount of attack bandwidth, hence, for instance, including also exploit-based threats
Particularly, in order to reduce bandwidth, a slow DoS attack often acts at the application layer of the ISO/OSI stack (e.g. in case of timeout exploiting threats[4]), although this is not a requirement.[5] Such layer is however easier to exploit in order to successfully attack a victim even by sending it few bytes of malicious requests.
The purpose of a slow DoS attack is (often, but not always[4]) to cause unavailability of a network service, by seizing all the connections the daemon is able to concurrently manage, at the application layer. Under such conditions, any new incoming connection, even from potentially legitimate clients, will not be accepted by the daemon, hence leading to a denial of service. In addition, once a connection is established/sized by the attacker, the adversary would keep it alive as long as possible (hence, avoiding connection closures, which could potentially free-up resources for legitimate clients). In order to keep connections alive, reducing at the same time the attack bandwidth, considering a single connection, data are sent to the target service only at specific times, by exploiting the so-called Wait Timeout parameter,[1] scheduling a periodic data sending activity (at the application layer): once the timeout expires, a specific payload (depending on the attack type and the approach used by the malicious user) is sent to the targeted daemon. While at lower layers of the ISO/OSI stack, timeouts may be relatively short, in this case, it may assume particularly long values, in the order of minutes.
^ abCambiaso, Enrico; Papaleo, Gianluca; Chiola, Giovanni; Aiello, Maurizio (2013). "Slow DoS attacks: definition and categorisation". International Journal of Trust Management in Computing and Communications. 1 (3/4): 300–319. doi:10.1504/IJTMCC.2013.056440. hdl:11567/571723.
^Mantas, Georgios; Stakhanova, Natalia; Gonzales, Hugo; Hadian Jazi, Hossein; Ghorbani, Ali A. (2015). "Application-layer denial of service attacks: taxonomy and survey" (PDF). International Journal of Information and Computer Security. 7 (2–4): 216–239. doi:10.1504/IJICS.2015.073028. S2CID 3384390.
^Wu, Zhijun; Zhang, Liyuan; Yue, Meng (2015). "Low-Rate DoS Attacks Detection Based on Network Multifractal". IEEE Transactions on Dependable and Secure Computing. 13 (5): 559–567. doi:10.1109/TDSC.2015.2443807. S2CID 14728946.
^ abCambiaso, Enrico; Papaleo, Gianluca; Chiola, Giovanni; Aiello, Maurizio (2015). "Designing and modeling the slow next DoS attack". Computational Intelligence in Security for Information Systems Conference (CISIS 2015). 249-259. Springer.
The term slowDoSattack (SDA) was introduced in 2013, to clearly define a specific category of denial-of-service attacks which make use of low-bandwidth...
memory card standards Serial Data Signal of an I²C electronic bus SlowDoSattack Symbolic data analysis Sabouraud dextrose agar , microbiological media...
a denial-of-service (DoS) attack wherein a process continually replicates itself to deplete available system resources, slowing down or crashing the system...
Slow Horses is a British spy thriller television series based on the Slough House series of novels by Mick Herron. The series premiered on Apple TV+ on...
protocol was compromised in 2020 by Italian researchers, executing SlowDoSAttacks on such protocol (see CVE-2020-13849). MQTT clustering is a technique...
A regular expression denial of service (ReDoS) is an algorithmic complexity attack that produces a denial-of-service by providing a regular expression...
SlowAttack is the third solo album by the English singer Brett Anderson, and released in 2009. This is Anderson's last solo album before Suede's reformation...
Italy and released as an Android application. SlowDroid behavior is similar to other SlowDoSAttacks such as Slowloris, since it creates many connections...
such an attack, the attacker sends the server multiple pieces of data that hash to the same value and then tries to get the server to perform slow lookups...
A replay attack (also known as a repeat attack or playback attack) is a form of network attack in which valid data transmission is maliciously or fraudulently...
have been tailored toward DoSattack detection. Such solutions require high numbers of packets to converge on the attack path(s). Savage et al. suggested...
The September 11 attacks, commonly known as 9/11, were four coordinated Islamist suicide terrorist attacks carried out by al-Qaeda against the United...
Chanarin for the song "Saturday Come Slow", featuring Albarn, drew attention to the use of music in torture. Massive Attack donated all proceeds from their...
attack three months before. The attack received widespread condemnation around the world. The Tunisian government later "acknowledged fault" for slow...
The fourth and final season of the Attack on Titan anime television series, titled Attack on Titan: The Final Season, was produced by MAPPA, chief directed...
This can slow down the victim's computer to the point where it becomes impossible to work on. The original tool for creating a Smurf attack was written...
sinking. The vessel's crew evacuated after the attack. Ambrey said the attack made the ship briefly slow down and deviate from her course, before contacting...
several open-source platforms. LOIC performs a DoSattack (or, when used by multiple individuals, a DDoSattack) on a target site by flooding the server with...
longitudinal axis). Some authors do not use an arbitrary chord line but use the zero lift axis where, by definition, zero angle of attack corresponds to zero coefficient...
2017. Newman, Lily Hay. "How an Accidental 'Kill Switch' Slowed Friday's Massive Ransomware Attack". Wired Security. Archived from the original on 14 May...
very slow to deploy during U.S. military involvement in Kosovo. According to the Army Times, the Army is shifting its doctrine to favor ground-attack aircraft...
ships of the Kido Butai), with the attack on Kaneohe. A total of 353 Japanese planes reached Oahu in two waves. Slow, vulnerable torpedo bombers led the...
Panic attacks are sudden periods of intense fear and discomfort that may include palpitations, sweating, chest pain or chest discomfort, shortness of...
Bombay attack return home]. El País (in Spanish). 30 November 2008. Archived from the original on 20 May 2011. Retrieved 22 October 2015. "Los dos españoles...