ABS AI Engine detects attack based on client activity using a Cookie. The following table lists the attacks detected on a single API or across multiple APIs.

Detected attacks based on cookie activity

Attack Type Description id Single or Across APIs
Data Exfiltration Attack Type 1 Data is being extracted via a REST API service. 1 Single API
Stolen Cookie Attack A stolen cookie is being used to attack an API service. 4 Single API
API Memory Attack Type 1 Flooding of an API service with data or code. 5 Single API
API Memory Attack Type 2 6 Single API
Cookie DoS Attack Client attacking session management service with a high volume of cookies. 7 Single API
API Probing Replay Attack Probing or breach attempts on an API service – also called fuzzing. 8 Single API
API DDoS Attack Type 1 A DDoS or distributed attack is disrupting an API service. 9 Single API
Extreme Client Activity Attack Extreme client request activity on an API service. 10 Single API
Extreme App Activity Extreme App Activity may indicate an injection or other CPU intensive attack. 11 Single API
Data Deletion Excessive data deletion activity on an API service. 14 Single API
Data Poisoning Extreme create or update activity received on an API service. 15 Single API
Stolen Cookie Attack Type 2 A stolen cookie is being used to attack an API service. 17 Across APIs
API Probing Replay Attack Type 2 Probing an API service over an extended time period - Cookie 18 Across APIs
Data Exfiltration Attack Type 2 Data is being extracted via a REST API service over an extended time period. 21 Single API
Excessive Client Connections
Note: The Excessive Client Connections attack type is disabled by default. For more information, see REST API attack types.
Client is establishing an excessive number of TCP connections. 22 Across APIs
Content Scraping Type 1 Client abnormally accessing API content 25 Across APIs
Content Scraping Type 2 Client abnormally accessing API content over an extended time period 28 Single API
Header Manipulation Probing an API using malicious headers 37 Single API
Query Manipulation Attack Modifying query string to inject malicious content or impact API service 41 Single API

.