T1499.003SubTechniqueimpactagent-callable

T1499.003Application Exhaustion Flood

Sub-technique of T1499

Platforms: Windows · Azure AD · Office 365 · SaaS · IaaS · Linux · macOS · Google Workspace

ATT&CK version: 14.1

What it is

Adversaries may target resource intensive features of applications to cause a denial of service (DoS), denying availability to those applications. For example, specific features in web applications may be highly resource intensive. Repeated requests to those features may be able to exhaust system resources and deny access to the application or the server itself.(Citation: Arbor AnnualDoSreport Jan 2018)

ATT&CK tactics· 1

Impact

References

  1. https://attack.mitre.org/techniques/T1499/003
  2. https://pages.arbornetworks.com/rs/082-KNA-087/images/13th_Worldwide_Infrastructure_Security_Report.pdf
  3. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt-book/nf-detct-analy-thrts.pdf
Sourced from MITRE ATT&CK Enterprise v14.1. Curated and contextualized for EU compliance use cases by Adam Lundqvist, Founder at SQUR.