A denial-of-service (DoS) attack attempts to make a system or network unavailable to legitimate users.
DoS attacks can exhaust resources (bandwidth, CPU, memory, connections) or exploit protocol/application weaknesses. Mitigations include rate limiting, filtering, and resilient architecture.
An attack that prevents or impairs the authorized use of information system resources or services.
Adversaries may perform Denial-of-Service (DoS) attacks to disrupt expected device functionality. Examples of DoS attacks include overwhelming the target device with a high volume of requests in a short time period and sending the target device a request it does not know how to handle. Disrupting device state may temporarily render it unresponsive, possibly lasting until a reboot can occur. When placed in this state, devices may be unable to send and receive requests, and may not perform expected response functions in reaction to other events in the environment.
Some ICS devices are particularly sensitive to DoS events, and may become unresponsive in reaction to even a simple ping sweep. Adversaries may also attempt to execute a Permanent Denial-of-Service (PDoS) against certain devices, such as in the case of the BrickerBot malware. (Citation: ICS-CERT April 2017)
The prevention of authorized access to a system resource or the delaying of system operations and functions. (See: availability, critical, flooding.)
Tutorial: A denial-of-service attack can prevent the normal conduct of business on the Internet. There are four types of solutions to this security problem:
Awareness: Maintaining cognizance of security threats and vulnerabilities. (See: CERT.)
Detection: Finding attacks on end systems and subnetworks. (See: intrusion detection.)
Prevention: Following defensive practices on network-connected systems. (See: [R2827].)
Response: Reacting effectively when attacks occur. (See: CSIRT, contingency plan.)
Adversaries may exploit a software vulnerability to cause a denial of service, taking advantage of a programming error in a program, a service, or the operating system software or kernel itself to execute adversary-controlled code. Vulnerabilities may exist in software that can be used to cause a denial-of-service condition.
Adversaries may have prior knowledge about industrial protocols or control devices used in the environment through Remote System Information Discovery. There are examples of adversaries remotely causing a Device Restart/Shutdown by exploiting a vulnerability that induces uncontrolled resource consumption. (Citation: ICS-CERT August 2018) (Citation: Common Weakness Enumeration January 2019) (Citation: MITRE March 2018)