|04 May 2010||#1|
| || |
Regular Expression Denial of Service Attacks.....
MSDN Magazine > Issues > 2010 > May 2010 Issue.
Regular Expression Denial of Service Attacks and Defenses.
In the November 2009 issue, I wrote an article titled “XML Denial of Service Attacks and Defenses” (msdn.microsoft.com/magazine/ee335713), in which I described some particularly effective denial of service (DoS) attack techniques against XML parsers. I received a lot of e-mail about this article from readers wanting to know more, which really encourages me that people understand how serious DoS attacks can be.
I believe that in the next four to five years, as privilege escalation attacks become more difficult to execute due to increased adoption of memory protections such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and isolation and privilege reduction techniques, attackers will shift their focus to DoS blackmail attacks. Developers can continue to protect their applications by staying ahead of the attack trend curve and addressing potential future DoS vectors today.
One of those potential future DoS vectors is the regular expression DoS. At the Open Web Application Security Project (OWASP) Israel Conference 2009, Checkmarx Chief Architect Alex Roichman and Senior Programmer Adar Weidman presented some excellent research on the topic of regular expression DoS, or “ReDoS.” Their research revealed that a poorly written regular expression can be exploited so that a relatively short attack string (fewer than 50 characters) can take hours or more to evaluate. In the worst-case scenario, the processing time is actually exponential to the number of characters in the input string, meaning that adding a single character to the string doubles the processing time.
In this article, I will describe what makes a regex vulnerable to these attacks. I will also present code for a Regex Fuzzer, a test utility designed to identify vulnerable regexes by evaluating them against thousands of random inputs and flagging whether any of the inputs take an unacceptably long time to complete processing.
Security Briefs - Regular Expression Denial of Service Attacks and Defenses
|My System Specs|
|Similar help and support threads for2: Regular Expression Denial of Service Attacks.....|
|Suggest a simple regular expression html fetching tray app||Software|
|Regular BSODS - During regular use and gaming||BSOD Help and Support|
|Expression Design 4||Software|
|Expression Web 3 Problem||Software|
|MS Warns of Attacks Targeting the Windows Service Isolation Feature||News|
|Sumatra PDF Denial Of Service Vulnerability||System Security|
|Service Pack 2 for Expression Web 3.||Software|
|Our Sites ||Site Links ||About Us ||Find Us |
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:32 AM.