cti-ATT-CK-v13.1/capec/2.1/attack-pattern/attack-pattern--172e2289-333b-4796-9afd-94140c9480e8.json

{
    "id": "bundle--fb632286-bed0-4a74-ae90-e9ec86832c47",
    "objects": [
        {
            "created": "2014-06-23T00:00:00.000Z",
            "created_by_ref": "identity--e50ab59c-5c4f-4d40-bf6a-d58418d89bcd",
            "description": "An adversary may execute a flooding attack using the TCP protocol with the intent to deny legitimate users access to a service. These attacks exploit the weakness within the TCP protocol where there is some state information for the connection the server needs to maintain. This often involves the use of TCP SYN messages.",
            "external_references": [
                {
                    "external_id": "CAPEC-482",
                    "source_name": "capec",
                    "url": "https://capec.mitre.org/data/definitions/482.html"
                },
                {
                    "external_id": "CWE-770",
                    "source_name": "cwe",
                    "url": "http://cwe.mitre.org/data/definitions/770.html"
                },
                {
                    "description": "Network Denial of Service: Direct Network Flood",
                    "external_id": "T1498.001",
                    "source_name": "ATTACK",
                    "url": "https://attack.mitre.org/wiki/Technique/T1498/001"
                },
                {
                    "description": "Endpoint Denial of Service: OS Exhaustion Flood",
                    "external_id": "T1499.001",
                    "source_name": "ATTACK",
                    "url": "https://attack.mitre.org/wiki/Technique/T1499/001"
                },
                {
                    "description": "Endpoint Denial of Service: Service Exhaustion Flood",
                    "external_id": "T1499.002",
                    "source_name": "ATTACK",
                    "url": "https://attack.mitre.org/wiki/Technique/T1499/002"
                }
            ],
            "id": "attack-pattern--172e2289-333b-4796-9afd-94140c9480e8",
            "modified": "2022-09-29T00:00:00.000Z",
            "name": "TCP Flood",
            "object_marking_refs": [
                "marking-definition--17d82bb2-eeeb-4898-bda5-3ddbcd2b799d"
            ],
            "spec_version": "2.1",
            "type": "attack-pattern",
            "x_capec_abstraction": "Standard",
            "x_capec_child_of_refs": [
                "attack-pattern--6854fe89-0829-429f-a95c-89e77ab6c8ed"
            ],
            "x_capec_domains": [
                "Communications",
                "Software"
            ],
            "x_capec_prerequisites": [
                "This type of an attack requires the ability to generate a large amount of TCP traffic to send to the target port of a functioning server."
            ],
            "x_capec_status": "Draft",
            "x_capec_version": "3.9"
        }
    ],
    "type": "bundle"
}