Host-based DoS attacks and defense in the cloud

Tianwei Zhang, Ruby B. Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We explore host-based DoS attacks, which exploit the shared computing resources in a multi-Tenant cloud server to com-promise the server's resource availability. We first present a set of attack techniques targeting different types of re-sources. We show such attacks can significantly affect the performance of co-located VMs, as well as the cloud provider's management services. Then we propose an attack strategy to compromise the availability of the entire datacenter. We show how power-Aware optimization techniques can help the attacker achieve his goal faster, with low cost. We design an effective general-purpose method to defeat memory, network and disk DoS attacks. We use a statis-tical method to detect changes in the usage of different re-sources. Once an attack happens, we use resource throttling techniques to identify and thwart the malicious VMs. Our evaluation shows that this defense method can effectively defeat these DoS attacks with negligible performance over-head. We alert the computer architecture community to these catastrophic attacks on the availability of cloud com-puting resources, to encourage building in better defenses at both the hardware and software levels.

Original languageEnglish (US)
Title of host publicationHardware and Architectural Support for Security and Privacy, HASP 2017
PublisherAssociation for Computing Machinery
ISBN (Electronic)9781450352666
DOIs
StatePublished - Jun 25 2017
Event6th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2017 - Toronto, Canada
Duration: Jun 25 2017 → …

Publication series

NameACM International Conference Proceeding Series
VolumePart F128533

Other

Other6th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2017
CountryCanada
CityToronto
Period6/25/17 → …

All Science Journal Classification (ASJC) codes

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Host-based DoS attacks and defense in the cloud'. Together they form a unique fingerprint.

  • Cite this

    Zhang, T., & Lee, R. B. (2017). Host-based DoS attacks and defense in the cloud. In Hardware and Architectural Support for Security and Privacy, HASP 2017 [3092630] (ACM International Conference Proceeding Series; Vol. Part F128533). Association for Computing Machinery. https://doi.org/10.1145/3092627.3092630