DOI: 10.1145/3092627.3092630

Host-Based DoS Attacks and Defense in the Cloud

Published: 25 June 2017

Abstract

We explore host-based DoS attacks, which exploit the shared computing resources in a multi-tenant cloud server to compromise the server's resource availability. We first present a set of attack techniques targeting different types of resources. We show such attacks can significantly affect the performance of co-located VMs, as well as the cloud provider's management services. Then we propose an attack strategy to compromise the availability of the entire datacenter. We show how power-aware optimization techniques can help the attacker achieve his goal faster, with low cost.
We design an effective general-purpose method to defeat memory, network and disk DoS attacks. We use a statistical method to detect changes in the usage of different resources. Once an attack happens, we use resource throttling techniques to identify and thwart the malicious VMs. Our evaluation shows that this defense method can effectively defeat these DoS attacks with negligible performance overhead. We alert the computer architecture community to these catastrophic attacks on the availability of cloud computing resources, to encourage building in better defenses at both the hardware and software levels.


Published In

HASP '17: Proceedings of the Hardware and Architectural Support for Security and Privacy
June 2017
68 pages
ISBN:9781450352666
DOI:10.1145/3092627
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

  • Intel
  • University of Houston

Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

HASP '17

Acceptance Rates

Overall Acceptance Rate 9 of 13 submissions, 69%

Article Metrics

  • Downloads (Last 12 months): 117
  • Downloads (Last 6 weeks): 14
Reflects downloads up to 19 Feb 2025

Cited By

  • (2025) Evaluation of time-based virtual machine migration as moving target defense against host-based attacks. Journal of Systems and Software, 219:C. DOI: 10.1016/j.jss.2024.112222. Online publication date: 1-Jan-2025
  • (2025) Privacy and security vulnerabilities in edge intelligence: An analysis and countermeasures. Computers and Electrical Engineering, 123 (110146). DOI: 10.1016/j.compeleceng.2025.110146. Online publication date: Apr-2025
  • (2024) A Survey of Edge Computing Privacy and Security Threats and Their Countermeasures. 2024 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), pp. 484-489. DOI: 10.1109/ISVLSI61997.2024.00093. Online publication date: 1-Jul-2024
  • (2023) A Security Survey of NFV: From Causes to Practices. 2023 3rd International Conference on Consumer Electronics and Computer Engineering (ICCECE), pp. 624-628. DOI: 10.1109/ICCECE58074.2023.10135454. Online publication date: 6-Jan-2023
  • (2023) Security and Privacy on 6G Network Edge: A Survey. IEEE Communications Surveys & Tutorials, 25:2, pp. 1095-1127. DOI: 10.1109/COMST.2023.3244674. Online publication date: Oct-2024
  • (2022) A Study on the Impact of Memory DoS Attacks on Cloud Applications and Exploring Real-Time Detection Schemes. IEEE/ACM Transactions on Networking, 30:4, pp. 1644-1658. DOI: 10.1109/TNET.2022.3144895. Online publication date: Aug-2022
  • (2022) PolyRhythm: Adaptive Tuning of a Multi-Channel Attack Template for Timing Interference. 2022 IEEE Real-Time Systems Symposium (RTSS), pp. 225-239. DOI: 10.1109/RTSS55097.2022.00028. Online publication date: Dec-2022
  • (2022) Towards Securing Availability in 5G: Analyzing the Injection Attack Impact on Core Network. Silicon Valley Cybersecurity Conference, pp. 143-154. DOI: 10.1007/978-3-030-96057-5_10. Online publication date: 10-Feb-2022
  • (2021) Secure and Efficient Allocation of Virtual Machines in Cloud Data Center. 2021 IEEE Symposium on Computers and Communications (ISCC), pp. 1-7. DOI: 10.1109/ISCC53001.2021.9631399. Online publication date: 5-Sep-2021
  • (2020) Impact of Memory DoS Attacks on Cloud Applications and Real-Time Detection Schemes. Proceedings of the 49th International Conference on Parallel Processing, pp. 1-11. DOI: 10.1145/3404397.3404465. Online publication date: 17-Aug-2020
