R.U.D.Y., short for R U Dead yet, is an acronym used to describe a Denial of Service (DoS) tool used by hackers to perform slow-rate a.k.a. “Low and slow” attacks by directing long form fields to the targeted server. It is known to have an interactive console, thus making it a user-friendly tool. It opens fewer connections to the website being targeted for a long period and keeps the sessions open as long as it is feasible. The amount of open sessions overtires the server or website making it unavailable for the authentic visitors. The data is sent in small packs at an incredibly slow rate; normally there is a gap of ten seconds between each byte but these intervals are not definite and may vary to avert detection.
The victim servers of these types of attacks may face issues such as not being able to access a particular website, disrupt their connection, drastically slow network performance, etc.
Hackers can use such attacks for different purposes while targeting different servers or hosts; these purposes include, but are not limited to, blackmail, vengeance or sometimes even activism.
The RUDY attack opens concurrent POST HTTP connections to the HTTP server and delays sending the body of the POST request to the point that the server resources are saturated. This attack sends numerous small packets at a very slow rate to keep the connection open and the server busy. This low-and slow attack behavior makes it relatively difficult to detect, compared to flooding DoS attacks that raise the traffic volume abnormally.
- Poojary, Karthik (October 2, 2012). "Five DDoS attack tools that you should know about". Computer Weekly. Retrieved December 7, 2016.
- Maryam M. Najafabadi; Taghi M. Khoshgoftaar; Amri Napolitano; Charles Wheelus. "RUDY Attack: Detection at the Network Level and Its Important Features". Proceedings of the Twenty-Ninth International Florida Artificial Intelligence Research Society Conference. Retrieved December 7, 2016.