Europe Research Interest Group Meeting [November 2022]
Date: November 10, 2022
DDoS Attack on Cloud Auto-scaling Mechanisms by Anat Bremler-Barr
Auto-scaling mechanisms are an important line of defense against Distributed Denial of Service (DDoS) in the cloud. Using auto-scaling, machines can be added and removed in an online manner to respond to fluctuating load. It is commonly believed that the auto-scaling mechanism casts DDoS attacks into Economic Denial of Sustainability (EDoS) attacks. Rather than suffering from performance degradation up to a total denial of service, the victim suffers from the economic damage incurred by paying for the extra resources required to process the bogus traffic of the attack. Contrary to this belief, we present and analyze the Yo-Yo attack, a new attack against the auto-scaling mechanism, that can cause significant performance degradation in addition to economic damage. We demonstrate the attack on Amazon EC2, on Kubernetes, and on serverless architecture.
Anat Bremler-Barr is a Professor at Reichman University. Anat is currently on a sabbatical at Red Hat. In 2001, she co-founded Riverhead Networks Inc., a company that provides systems to protect from Denial of Service attacks. The company was acquired by Cisco Systems in 2004. She then joined the Efi Arazi School of Computer Science at Reichman University. She is the founder and director of the Deepness Lab, which focuses on designing reliable and efficient networks and network devices. Her research interests are in computer networks and network security. Her recent research works are focused on DNS security, Cloud security, IoT security, DDoS mitigation, and CVEs analysis.
Join the RIG meeting with Google meet: https://meet.google.com/arv-uggu-xmr