Resource Exhaustion

Category: Economic & Infrastructure Abuse
Severity: High
MITRE ATT&CK Mapping: T1499 (Endpoint Denial of Service)

Description

Consuming excessive system resources (CPU, memory, storage, network) to degrade system performance, cause service disruption, or increase operational costs.

Technical Details

Attack Vector

• Resource consumption attacks
• Memory exhaustion
• CPU overload
• Storage depletion
• Network bandwidth abuse

Common Techniques

• Infinite loops and recursive calls
• Memory leaks and allocation bombs
• Large file operations
• Network flooding
• Database query abuse

Impact

• Service Degradation: Reduced system performance and responsiveness
• Service Unavailability: System crashes and service outages
• Financial Impact: Increased infrastructure costs
• User Experience: Poor user experience and system instability

Detection Methods

Resource Monitoring

• Monitor CPU, memory, and storage usage
• Track resource consumption patterns
• Detect resource exhaustion attacks
• Monitor system performance metrics

Performance Analysis

• Analyze system performance
• Track response times
• Monitor resource allocation
• Detect performance anomalies

Mitigation Strategies

Resource Management

• Implement resource limits and quotas
• Use resource monitoring systems
• Deploy auto-scaling mechanisms
• Monitor resource usage patterns

Performance Protection

• Implement rate limiting
• Use circuit breakers
• Deploy load balancing
• Monitor system health

Real-World Examples

Example 1: Memory Exhaustion Attack

# Vulnerable memory allocation
def process_large_data(data_size):
    # No memory limits
    large_buffer = bytearray(data_size)
    
    # Attacker requests huge buffer
    # data_size = 10 * 1024 * 1024 * 1024  # 10 GB
    
    # System runs out of memory
    return large_buffer

Example 2: CPU Exhaustion Through Infinite Loop

# Vulnerable processing function
def process_user_input(user_input):
    # No input validation
    iterations = int(user_input)
    
    result = 0
    for i in range(iterations):
        result += complex_calculation(i)
    
    # Attacker provides huge number
    # user_input = "999999999999"
    # Causes CPU exhaustion
    return result

Example 3: Storage Exhaustion

# Vulnerable file storage
def store_file(filename, content):
    # No size limits
    with open(f"/tmp/{filename}", "wb") as f:
        f.write(content)
    
    # Attacker uploads massive files
    # content = b"A" * (10 * 1024 * 1024 * 1024)  # 10 GB
    # Fills up storage

References & Sources

• Red Hat - “Model Context Protocol (MCP): Understanding security risks and controls”
• Cisco - “AI Model Context Protocol (MCP) and Security”

Related TTPs

• API Rate Limit Bypass
• Computational Resource Abuse
• Denial of Service

---

Resource exhaustion attacks can cause significant system degradation and financial impact through excessive resource consumption.