Exploiting Miscoordination of Microservices in Tandem for Effective DDoS Attacks

Anat Bremler-Barr, Michael Czeizler, Hanoch Levy, Jhonatan Tavori

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution > peer-review

Abstract

Today's software development landscape has witnessed a shift towards microservices-based architectures. Using this approach, large software systems are implemented by combining loosely coupled services, each responsible for a specific task and defined with separate scaling properties. Auto-scaling is a primary capability of cloud computing which allows systems to adapt to fluctuating traffic loads by dynamically increasing (scale-up) and decreasing (scale-down) the number of resources used.

We observe that when microservices which utilize separate auto-scaling mechanisms operate in tandem to process traffic, they may perform ineffectively, especially under the overload conditions caused by DDoS attacks. This can result in throttling (Denial of Service, DoS) and over-provisioning of resources (Economic Denial of Sustainability, EDoS).

This paper demonstrates how an attacker can exploit the tandem behavior of microservices with different auto-scaling mechanisms to create an attack we denote as the Tandem Attack. We demonstrate the attack on a typical Serverless architecture and analyze its economic and performance damages. One intriguing finding is that some attacks may make a cloud customer pay for requests that were denied service.

We conclude that independent scaling of loosely coupled components might form an inherent difficulty and that end-to-end controls might be needed.
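The abstract describes the mechanism but not the model behind it, so the following is an added illustration, written for this page and not the paper's model or code. It is a toy discrete-time simulation of two tiers that auto-scale independently: a serverless front tier that is billed per invocation and scales to every request instantly, and a backend whose capacity grows and shrinks by a bounded number of units per step. Requests the front tier invokes but the backend then throttles are denied yet still billed, which is the "paying for denied requests" effect; a second run adds an assumed end-to-end admission control that lets the front tier invoke only what the backend can currently serve. All rates, costs, thresholds, the proportional-denial rule and the admission-control rule are assumptions, not figures from the paper.

```python
"""Toy discrete-time model of two tiers that auto-scale independently.

Constructed illustration for this page; it is not the paper's model or code.
Tier A is a serverless front tier, billed per invocation, that scales to
every request instantly.  Tier B is a backend whose capacity changes by a
bounded number of units per step.  Requests the front tier invokes but the
backend cannot serve are denied yet still billed.  All rates, costs,
thresholds and the admission-control rule are assumptions.
"""
from dataclasses import dataclass


@dataclass
class Params:
    steps: int = 40
    legit_rate: int = 50             # legitimate requests per step (assumed)
    attack_rate: int = 400           # attack requests per step while active (assumed)
    attack_window: tuple = (10, 20)  # attack active for steps [10, 20)
    front_cost: float = 0.002        # billed per front-tier invocation, any outcome (assumed)
    back_unit_capacity: int = 10     # requests per step one backend unit serves (assumed)
    back_unit_cost: float = 0.05     # billed per backend unit per step (assumed)
    back_scale_up: int = 2           # units the backend scaler may add per step
    back_scale_down: int = 1         # units it may remove per step
    back_min_units: int = 5
    back_max_units: int = 30


@dataclass
class Result:
    served: int = 0
    denied: int = 0              # rejected anywhere (backend throttle or edge)
    legit_denied: int = 0        # legitimate requests among the denied ones
    front_cost: float = 0.0
    back_cost: float = 0.0
    cost_of_denied: float = 0.0  # front-tier charges for requests the backend then denied
    peak_back_units: int = 0     # over-provisioning reached by the backend scaler


def simulate(p: Params, admission_control: bool = False) -> Result:
    """Run the model; with admission_control the front tier invokes only
    what the backend can currently serve (the assumed end-to-end control)."""
    units = p.back_min_units
    r = Result()
    for t in range(p.steps):
        attacking = p.attack_window[0] <= t < p.attack_window[1]
        arrivals = p.legit_rate + (p.attack_rate if attacking else 0)
        capacity = units * p.back_unit_capacity

        # Without coordination the serverless front tier invokes for every
        # arrival; with the control it admits at most the backend's capacity.
        invoked = min(arrivals, capacity) if admission_control else arrivals
        served = min(invoked, capacity)
        billed_denials = invoked - served   # invoked, billed, then throttled
        denied = arrivals - served          # billed denials plus edge rejections

        r.served += served
        r.denied += denied
        # Denials hit legitimate and attack traffic in proportion (assumed).
        if arrivals:
            r.legit_denied += denied * p.legit_rate // arrivals
        r.front_cost += invoked * p.front_cost
        r.cost_of_denied += billed_denials * p.front_cost
        r.back_cost += units * p.back_unit_cost
        r.peak_back_units = max(r.peak_back_units, units)

        # Backend scaler reacts to demand with a bounded rate of change and
        # scales down only once demand falls below half of capacity.
        if arrivals > capacity:
            units = min(p.back_max_units, units + p.back_scale_up)
        elif arrivals < capacity // 2:
            units = max(p.back_min_units, units - p.back_scale_down)
    return r


if __name__ == "__main__":
    runs = (("independent scaling", simulate(Params())),
            ("end-to-end admission control", simulate(Params(), admission_control=True)))
    for name, res in runs:
        print(f"{name}: served={res.served} denied={res.denied} "
              f"legit_denied={res.legit_denied} front=${res.front_cost:.2f} "
              f"billed_for_denied=${res.cost_of_denied:.2f} "
              f"back=${res.back_cost:.2f} peak_back_units={res.peak_back_units}")
```

With the default parameters the uncoordinated run bills the front tier for every one of the 3,100 requests the backend throttles, while the admission-controlled run bills nothing for denied requests; legitimate requests are denied equally in both runs and the backend reaches the same peak size and lingers above its steady-state size after the attack ends, because the backend still cannot absorb the attack load. In this toy model the control therefore removes the EDoS component tied to denied requests but not the DoS or the over-provisioning, which is why a capacity decision has to be made end to end rather than by each tier's scaler alone.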

Original language: English
Title of host publication: IEEE INFOCOM 2024 - IEEE Conference on Computer Communications
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 231-240
Number of pages: 10
ISBN (Electronic): 9798350383508
DOIs
State: Published - 2024
Event: 2024 IEEE Conference on Computer Communications, INFOCOM 2024 - Vancouver, Canada
Duration: 20 May 2024 to 23 May 2024

Publication series

Name: Proceedings - IEEE INFOCOM

Conference

Conference: 2024 IEEE Conference on Computer Communications, INFOCOM 2024
Country/Territory: Canada
City: Vancouver
Period: 20/05/24 to 23/05/24

Keywords

  • Auto-scaling
  • Cloud security
  • Denial of service (DDoS) attacks
  • Economic Denial of Sustainability
  • Microservices architecture

All Science Journal Classification (ASJC) codes

  • General Computer Science
  • Electrical and Electronic Engineering
