Dark Mode

Settings

Capec-490 Detail

Amplification

Standard Software

Parents: 125

Threats: T61 T64 T74 T77 T107 T264 T265 T269 T282 T285 T289 T308 T309 T335 T374 T401 T404

Description

An adversary may execute an amplification where the size of a response is far greater than that of the request that generates it. The goal of this attack is to use a relatively few resources to create a large amount of traffic against a target server. To execute this attack, an adversary send a request to a 3rd party service, spoofing the source address to be that of the target server. The larger response that is generated by the 3rd party service is then sent to the target server. By sending a large number of initial requests, the adversary can generate a tremendous amount of traffic directed at the target. The greater the discrepancy in size between the initial request and the final payload delivered to the target increased the effectiveness of this attack.

Not present

External ID Source Link Description
CAPEC-490 capec https://capec.mitre.org/data/definitions/490.html
CWE-770 cwe http://cwe.mitre.org/data/definitions/770.html
T1498.002 ATTACK https://attack.mitre.org/wiki/Technique/T1498/002 Network Denial of Service:Reflection Amplification

Not present

  1. This type of an attack requires the existence of a 3rd party service that generates a response that is significantly larger than the request that triggers it.

Not present

Not present

Not present

Not present

We use cookies to ensure you get the best experience on our website.