Time Complexity: Attack surfaces and vectors
O(n)
0
0
Attack surfaces and vectors in Cybersecurity - Time & Space Complexity
Understanding Time Complexity
When studying attack surfaces and vectors, it helps to understand how the effort to find and exploit weaknesses grows as systems get bigger or more complex.
We want to know: how does the number of possible attack points increase as the system expands?
Scenario Under Consideration
Analyze the time complexity of the following code snippet.
// Example: Checking all open ports on a server
for (int port = 1; port <= 65535; port++) {
if (isPortOpen(server, port)) {
logOpenPort(port);
}
}
This code scans every possible port on a server to find which ones are open and logs them.
Identify Repeating Operations
Identify the loops, recursion, array traversals that repeat.
- Primary operation: Checking each port one by one.
- How many times: Once for every port from 1 to 65535 (all possible ports).
How Execution Grows With Input
As the number of ports to check grows, the total checks grow at the same rate.
| Input Size (n) | Approx. Operations |
|---|---|
| 10 | 10 checks |
| 100 | 100 checks |
| 1000 | 1000 checks |
Pattern observation: Doubling the number of ports doubles the work needed.
Final Time Complexity
Time Complexity: O(n)
This means the time to check grows directly in proportion to the number of ports or attack points.
Common Mistake
[X] Wrong: "Checking more ports won't take much longer because many ports are closed anyway."
[OK] Correct: Even if ports are closed, the code still checks each one, so the total time depends on how many ports are scanned, not how many are open.
Interview Connect
Understanding how attack surface size affects scanning time helps you explain how attackers might prioritize targets and how defenders can reduce exposure.
Self-Check
"What if we only scanned a list of known common ports instead of all ports? How would the time complexity change?"