URI: H.O.HP-iT.0
Package: Network
< prev | next >
Description: Effect of overload at process Process on Host: if the process Process is overloaded, it may cause an overload on its host Host.
Threat Type: Secondary Threat
Matching Pattern:
Finds a non-trivial Process and its Host, and optionally the host manager and the interactive user of the process.
Data service Process overloaded by decryption of data Data for Service: since data Data stored on Host is encrypted with keys from Vault, query processing by Service will require decryption of a large volume of data. The resulting computational overhead may overload the data server Process.
Data service Process overloaded by decryption of data Data for Service: since data Data stored on Host is encrypted, query processing by Service will require decryption of a large volume of data. The resulting computational overhead may overload the data server Process.
Encrypted processing of input Data by Process causes overload: if Process performs calculations in the encrypted domain, the performance overhead will be significant.
Software bug overloads Process: a software bug in process Process causes it to become overlaoded.
Distributed DoS attack on service Process from subnet LogicalSubnet: an attacker with control over multiple vulnerable systems connected to LogicalSubnet can use them to send excessive messages via a privileged network paths through firewalls and overload service Process. The best defence is to arrange with your ISP to manage and restrict the traffic sent from the Internet (check threat causes for an unrestricted network interface).
DoS attack on service Process from subnet LogicalSubnet: an attacker with access to LogicalSubnetcan exploit a privileged network path through firewalls allowing access to service Process, sending too many messages and overloading Process. The best defence is to manage and restrict the traffic sent to the service at one of the inbound network interfaces (check threat causes for unrestricted network interfaces).
SLA constrained virtual host Host becomes unavailable: if clusterable virtual host Host running in data centre DataCentre becomes overloaded, and it is limited by an SLA from scaling up its use of resources at DataCentre, then it may become unavailable.
Effect of overload at Host on SHost: if virtual host Host is overloaded, and allowed to scale up via elastic hosting on cluster SHost, the overload may propagate to SHost if not managed to prevent this by a Data Centre.
Effect of overload at Host on DataCentre: if physical host Host at DataCentre is overloaded, then DataCentre as a whole may become subject to high total load.
Loss of availability at overloaded host Host: if Host is overloaded, then it will be unable to fulfil its function and become effectively unavailable.
(empty)
CSG-DeprioritisedProcess-Runtime
The process Process is configured to run with low priority, so it cannot overload its host Host, although this means if overloaded it will likely become unavailable instead. This can be configured in advance to block the threat, or implemented as a run-time response to an overload by signalling the manager HostManager of the process host Host.