Cloud Auto-scaling Mechanism Under DDoS Attacks: Yo-Yo Attack and Tandem Attack
Protecting dynamic cloud applications from DDoS attacks requires an in-depth understanding of infrastructure layers and their vulnerabilities. Join this session for useful insights from a team studying real-world attacks and mitigations in Amazon EC2, Kubernetes and serverless environments. Anat Bremler-Barr, Tel Aviv University, and Michael Czeizler, Reichman University, will be our speakers and Jeremy Eder, Red Hat, will lead the conversation.
Abstract
It is a common belief that auto-scaling mechanisms serve as a mitigation for Distributed Denial of Service (DDoS) attacks on cloud computing infrastructures by dynamically adding machines to cope with the additional load. Intuitively, such attacks are mostly associated with Economic Denial of Sustainability (EDoS), which derives from paying for the extra resources required to process the malicious incoming traffic.
Contrary to this belief, we present and analyze the Yo-Yo attack, a new attack against the auto-scaling mechanism that can cause significant performance degradation in addition to economic damage. We demonstrate the attack on Amazon EC2, Kubernetes, and serverless architecture. We then present and analyze the Tandem attack, a new attack on microservices architecture. In this attack, the attacker exploits the tandem behavior of services with different auto-scaling mechanisms, causing both economic and performance damage.
Speakers:
Prof. Anat Bremler-Barr, Tel Aviv University (currently transitioning from Reichman University)
Michael Czeizler, Reichman University
Conversation Leader:
Jeremy Eder, Red Hat
Visit the DDoS Attacks on Cloud Auto-scaling Mechanisms project page to learn more.
The recording and materials will be available following the talk. Learn more about Red Hat Research Days Events and watch the recordings from previous events at research.redhat.com/research-talks
Session Recording and Materials