Bug ID 687984: Attacks with randomization of HTTP headers parameters generates too many signatures

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP AFM, ASM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1

Fixed In:
13.1.0.2

Opened: Oct 10, 2017
Severity: 3-Major

Symptoms

When attackers randomize HTTP headers parameters, Behavioral DoS (BADoS) might generate too many signatures.

Impact

The list of generated signatures is too long. It produces unnecessary CPU utilization for attack mitigation.

Conditions

Attacks with randomization of HTTP headers parameters.

Workaround

None.

Fix Information

Improved algorithm that detects a randomization.

Behavior Change