CISPA Discovers Loop DoS: New UDP-based Application Layer Denial-of-Service Attack

Key Information 1. Vulnerability Type: - Name: Loop DoS (Loop Denial-of-Service) - Description: A new type of DoS attack that exploits UDP protocol for end-to-end communication to target application layer protocols. 2. Affected Protocols: - Type: Application layer protocols - Examples: QOTD, Chargen, Echo, DNS, NTP, TFTP 3. Attack Mechanism: - Principle: Exploits pairing of two network services to create an infinite loop of mutual responses, generating massive traffic and causing service disruption. - Trigger Condition: Requires trigger injection; once triggered, the attacker cannot stop it. 4. Impact Scope: - Estimated Number of Affected Internet Hosts: 300,000 - Affected Protocols: TFTP, DNS, NTP, Daytime, Time, Active Users, Echo, Chargen, QOTD 5. Discoverers: - Institution: CISPA Helmholtz-Center for Information Security - Researchers: Yepeng Pan, Anna Ascheman, Christian Rossow 6. Exploitation: - Trigger Method: Uses IP spoofing, triggered by a single spoofed host. - Attack Vectors: TFTP, DNS, NTP, and other protocols. 7. Ease of Exploitation: - Description: This type of attack has not yet been observed in the wild, but once exploited, attackers can easily leverage this vulnerability. 8. Mitigation Measures: - Timeline: Starting March 19, 2024, specific attack alerts will be published at the following link: - https://cispa.saarland/group/rossow/Loop-DoS Summary New Vulnerability: Loop DoS attacks exploit UDP for end-to-end communication to target application layer protocols. Wide Impact: Estimated to affect 300,000 internet hosts. Discoverers: Researchers from CISPA. Ease of Exploitation: Can be triggered by a single spoofed host. Mitigation: Specific attack alerts will be available starting March 19, 2024.

Goal Reached Thanks to every supporter — we hit 100%!

CISPA Discovers Loop DoS: New UDP-based Application Layer Denial-of-Service Attack