AE01 DDoS Attack To Cloud Application
| Context | Remote user interacts with a cloud application |
| Problem | DDoS/DoS attack against cloud application from the Internet |
| Solution | Ensure network and server capacity of cloud infrastructure; Apply Load Balancer; Apply Content Distribution Network (CDN); Apply packet filtering; Apply Access Control Lists (ACLs); Apply Web Application Firewall (WAF); Apply reputation-based blocking; Apply external DDoS protection; |
| References | BNA-2: Denial of Service (DoS) attack against the cloud infrastructure via the public network infrastructure [SECCRIT]; R.15: Distributed Denial Of Service (DDoS) [ENISA]; Distributed Denial of Service [QUIRC]; |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_RemoteUser |
| Aggr. role | ns:role_Client |
| STRIDE | ns:STRIDE_Denial_of_Service |
| Threat | ns:threat_txTargetedProcessCrashing; ns:threat_txResourceExhaustion |