Here’s an interesting project on an innovative denial of service attack which relies on the fact that underlying data structures in many common programs are often poorly implemented. This poor implementation can give rise to worst-case performance which is much worse than average-case performance. The attacker can use this fact to construct “worst-case” input, allowing him or her to crash the victim’s machine with only a low-bandwidth connection. [via IP]