TY - GEN
T1 - Exploiting Miscoordination of Microservices in Tandem for Effective DDoS Attacks
AU - Bremler-Barr, Anat
AU - Czeizler, Michael
AU - Levy, Hanoch
AU - Tavori, Jhonatan
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - Today's software development landscape has witnessed a shift towards microservices-based architectures. Using this approach, large software systems are implemented by combining loosely-coupled services, each responsible for a specific task and defined with separate scaling properties. Auto-scaling is a primary capability of cloud computing which allows systems to adapt to fluctuating traffic loads by dynamically increasing (scale-up) and decreasing (scale-down) the number of resources used. We observe that when microservices which utilize separate auto-scaling mechanisms operate in tandem to process traffic, they may perform ineffectively, especially under overload conditions due to DDoS attacks. This can result in throttling (Denial of Service - DoS) and over-provisioning of resources (Economic Denial of Sustainability - EDoS). This paper demonstrates how an attacker can exploit the tandem behavior of microservices with different auto-scaling mechanisms to create an attack we denote as the Tandem Attack. We demonstrate the attack on a typical Serverless architecture and analyze its economic and performance damages. One intriguing finding is that some attacks may make a cloud customer pay for service-denied requests. We conclude that independent scaling of loosely coupled components might form an inherent difficulty and end-to-end controls might be needed.
AB - Today's software development landscape has witnessed a shift towards microservices-based architectures. Using this approach, large software systems are implemented by combining loosely-coupled services, each responsible for a specific task and defined with separate scaling properties. Auto-scaling is a primary capability of cloud computing which allows systems to adapt to fluctuating traffic loads by dynamically increasing (scale-up) and decreasing (scale-down) the number of resources used. We observe that when microservices which utilize separate auto-scaling mechanisms operate in tandem to process traffic, they may perform ineffectively, especially under overload conditions due to DDoS attacks. This can result in throttling (Denial of Service - DoS) and over-provisioning of resources (Economic Denial of Sustainability - EDoS). This paper demonstrates how an attacker can exploit the tandem behavior of microservices with different auto-scaling mechanisms to create an attack we denote as the Tandem Attack. We demonstrate the attack on a typical Serverless architecture and analyze its economic and performance damages. One intriguing finding is that some attacks may make a cloud customer pay for service-denied requests. We conclude that independent scaling of loosely coupled components might form an inherent difficulty and end-to-end controls might be needed.
KW - Auto-scaling
KW - Cloud security
KW - Denial of service (DDoS) attacks
KW - Economic Denial of Sustainability
KW - Microservices architecture
UR - http://www.scopus.com/inward/record.url?scp=85201795545&partnerID=8YFLogxK
U2 - 10.1109/INFOCOM52122.2024.10621335
DO - 10.1109/INFOCOM52122.2024.10621335
M3 - Conference contribution
AN - SCOPUS:85201795545
T3 - Proceedings - IEEE INFOCOM
SP - 231
EP - 240
BT - IEEE INFOCOM 2024 - IEEE Conference on Computer Communications
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 43rd IEEE Conference on Computer Communications, INFOCOM 2024
Y2 - 20 May 2024 through 23 May 2024
ER -