KIT | KIT-Bibliothek | Impressum | Datenschutz

Mitigating Internal, Stealthy DoS Attacks in Microservice Networks

Osman, Amr; Born, Jeannine; Strufe, Thorsten

Abstract (englisch):

The advent of Microservice (MS) architectures has led to increasingly complex communication patterns between distributed web applications in the cloud. In order to process an incoming request, each MS must invoke multiple remote API calls to the MSes that it is connected to along a service dependency graph. This allows attackers to exploit long-running remote API calls along the performance-critical path to cause application DoS, and potentially amplify subsequent inter-MS communication. This paper focuses on mitigating a class of stealthy, low-volume DDoS attacks that are launched internally from within and exploit this. The attacker uses the MSes under its control to disguise then send and resource-heavy requests to target MSes in a way that is indistinguishable from benign requests. We propose a probabilistic algorithm to proactively identify MSes involved in DDoS, and mitigate the attack in real-time.

Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Proceedingsbeitrag
Publikationsjahr 2021
Sprache Englisch
Identifikator ISBN: 978-3-030-91080-8
KITopen-ID: 1000140315
Erschienen in Stabilization, Safety, and Security of Distributed Systems : 23rd International Symposium, SSS 2021, Virtual Event, November 17–20, 2021, Proceedings. Ed.: C. Johnen
Veranstaltung 23rd Stabilization, Safety, and Security of Distributed Systems : International Symposium (SSS 2021), Online, 17.11.2021 – 20.11.2021
Auflage 1. ed.
Verlag Springer
Seiten 500–504
Serie Theoretical Computer Science and General Issues ; 13046 ; 13046
Vorab online veröffentlicht am 09.11.2021
Externe Relationen Siehe auch
Schlagwörter Microservice architectures, communication patterns, networks, API
Nachgewiesen in Dimensions
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page