Paper Info
Title
Host-Based Dos Attacks and Defense in the Cloud
Abstract
We explore host-based DoS attacks, which exploit the shared computing resources in a multi-tenant cloud server to compromise the server's resource availability. We first present a set of attack techniques targeting different types of resources. We show such attacks can significantly affect the performance of co-located VMs, as well as the cloud provider's management services. Then we propose an attack strategy to compromise the availability of the entire datacenter. We show how power-aware optimization techniques can help the attacker achieve his goal faster, with low cost. We design an effective general-purpose method to defeat memory, network and disk DoS attacks. We use a statistical method to detect changes in the usage of different resources. Once an attack happens, we use resource throttling techniques to identify and thwart the malicious VMs. Our evaluation shows that this defense method can effectively defeat these DoS attacks with negligible performance overhead. We alert the computer architecture community to these catastrophic attacks on the availability of cloud computing resources, to encourage building in better defenses at both the hardware and software levels.
Year
DOI
Venue
2017
10.1145/3092627.3092630
HASP@ISCA
Field
DocType
ISBN
Denial-of-service attack,Robust random early detection,Computer science,Computer security,Exploit,Software,Compromise,Tagged architecture,Cloud computing,Buffer overflow
Conference
978-1-4503-5266-6
Citations 
PageRank 
References 
2
0.38
14
Authors
2
Name
Order
Citations
PageRank
Tianwei Zhang1346.63
Ruby Lee22460261.28