Part of the Attack.tex database ()

Focused On Your Success

The All.Net Security Database

Generated Fri Jun 27 09:58:50 PDT 2003 by fc@red.a.net

Cause/Mechanism: Threat Profiles Attack Methods Defense Methods Process: Prevention Detection Reaction Impact: Integrity Availability Confidential Use Control	Other: Risk Management Database Description Domain: Physical Informational Systemic Sophistication: Theoretical Demonstrated Widespread	Perspectives: Management Policy Standards Procedures Documentation Audit Testing Technical Safeguards Personnel Incident Handling Legal Physical Awareness Training Education Organization
Brekne's Mechanistic: Input Output Storage Processing Transmission	Brekne's Causal: Accidental Malicious	Brekne's Method: Leakage Masquerade Denial Corruption Usage Mental

Attack69:

Name:induced stress failures

Stresses induced on a system cause it to fail. Examples include paging monsters that result in excessive paging and reduced performance, process viruses that consume various system resources, and large numbers of network packets per unit time which tie up systems by forcing excessive high-priority network interrupt processing. Complexity: Although some attacks of this sort appear to be available without substantial effort, in general, understanding the implications of stress on multiprocessing systems is beyond the current theory. It appears from a cursory examination that this is at least as complex as the interrupt sequence problem which appears to be factorial in the number of instructions in each of the simultaneous processes.

fc@red.a.net

Related Database Material

[TBVProcessing - Relates to Processing]
[TBVAccidental - Relates to Accidental]
[TBVMalicious - Relates to Malicious]
[PDRIntegrity - Relates to Integrity]
[PDRAvailability - Relates to Availability]
[PDRUse - Relates to Use]
[PDRDemonstrated - Relates to Demonstrated]
[PLSSystemic - Relates to Systemic]
[Threat1 - insiders]
[Threat2 - private investigators]
[Threat6 - customers]
[Threat7 - Fraudsters]
[Threat11 - crackers]
[Threat13 - cyber-gangs]
[Threat14 - tiger teams]
[Threat16 - professional thieves]
[Threat18 - vandals]
[Threat19 - activists]
[Threat20 - crackers for hire]
[Threat24 - terrorists]
[Threat26 - foreign agents and spies]
[Threat28 - government agencies]
[Threat29 - infrastructure warriors]
[Threat30 - economic rivals]
[Threat31 - nation states]
[Threat32 - global coalitions]
[Threat33 - military organizations]
[Threat34 - paramilitary groups]
[Threat35 - information warriors]
[Threat36 - extortionists]
[Defense131 - adversary principle (GASSP)]
[Defense135 - alarms]
[Defense32 - anomaly detection]
[Defense30 - audit analysis]
[Defense35 - awareness of implications]
[Defense58 - configuration management]
[Defense91 - conservative resource allocation]
[Defense132 - continuity principle (GASSP)]
[Defense99 - deceptions]
[Defense13 - detection before failure]
[Defense87 - disable unsafe features]
[Defense76 - effective protection mind-set]
[Defense21 - fault isolation]
[Defense6 - feeding false information]
[Defense138 - filtering devices]
[Defense14 - human intervention after detection]
[Defense65 - increased or enhanced perimeters]
[Defense67 - jamming]
[Defense59 - lockouts]
[Defense31 - misuse detection]
[Defense19 - over-damped protocols]
[Defense69 - path diversity]
[Defense16 - redundancy]
[Defense26 - rerouting attacks]
[Defense4 - sensors]
[Defense115 - separation of equipment so as to limit damage from local events]
[Defense103 - standby equipment]
[Defense20 - temporary blindness]
[Defense125 - time, location, function, and other similar access limitations]
[Defense128 - timeliness principle (GASSP)]