1. Home
  2. ATT&CK Techniques
  3. T1499.003 Application Exhaustion Flood

T1499.003 Application Exhaustion Flood Mappings

Adversaries may target resource intensive features of applications to cause a denial of service (DoS), denying availability to those applications. For example, specific features in web applications may be highly resource intensive. Repeated requests to those features may be able to exhaust system resources and deny access to the application or the server itself.(Citation: Arbor AnnualDoSreport Jan 2018)

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-3 Access Enforcement Protects T1499.003 Application Exhaustion Flood
AC-4 Information Flow Enforcement Protects T1499.003 Application Exhaustion Flood
CA-7 Continuous Monitoring Protects T1499.003 Application Exhaustion Flood
CM-6 Configuration Settings Protects T1499.003 Application Exhaustion Flood
CM-7 Least Functionality Protects T1499.003 Application Exhaustion Flood
SC-7 Boundary Protection Protects T1499.003 Application Exhaustion Flood
SI-10 Information Input Validation Protects T1499.003 Application Exhaustion Flood
SI-15 Information Output Filtering Protects T1499.003 Application Exhaustion Flood
SI-4 System Monitoring Protects T1499.003 Application Exhaustion Flood
action.hacking.variety.DoS Denial of service related-to T1499.003 Endpoint Denial of Service: Application Exhaustion Flood
action.malware.variety.DoS DoS attack related-to T1499.003 Endpoint Denial of Service: Application Exhaustion Flood
attribute.availability.variety.Degradation Performance degradation related-to T1499.003 Endpoint Denial of Service: Application Exhaustion Flood
attribute.availability.variety.Loss Loss related-to T1499.003 Endpoint Denial of Service: Application Exhaustion Flood