The effects of energy-related Denial of Service (DoS) attacks on modern large-scale cloud data centers may involve not only the availability or quality of the service delivered through these infrastructures, but also their operational costs in terms of energy bill. Specifically, the longer is the time needed to detect the attack, the higher is the impact on the overall energy consumption and hence on the related expenses. Therefore, particular attention has to be paid for low-rate DoS attacks. They aim at minimizing their visibility, and at the same time, can be as harmful as the more traditional DoSs or even worse. These sophisticated attacks are tailored to induce the worst-case energy demands on the target system by leveraging properly crafted low-rate traffic patterns. In this work, we introduce a strategy for orchestrating adaptive variable-rate attacks that dynamically change their offending patterns and packet rate in order to minimize their detectability and maximize their energy-related impact, by wasting as much energy as possible. We describe both the details behind the proposed strategy, and analyze its potential effects on typical servers operating within large-scale cloud data center infrastructures.
Adaptive Stealth Energy-related DoS Attacks Against Cloud Data Centers
FICCO, Massimo;
2014
Abstract
The effects of energy-related Denial of Service (DoS) attacks on modern large-scale cloud data centers may involve not only the availability or quality of the service delivered through these infrastructures, but also their operational costs in terms of energy bill. Specifically, the longer is the time needed to detect the attack, the higher is the impact on the overall energy consumption and hence on the related expenses. Therefore, particular attention has to be paid for low-rate DoS attacks. They aim at minimizing their visibility, and at the same time, can be as harmful as the more traditional DoSs or even worse. These sophisticated attacks are tailored to induce the worst-case energy demands on the target system by leveraging properly crafted low-rate traffic patterns. In this work, we introduce a strategy for orchestrating adaptive variable-rate attacks that dynamically change their offending patterns and packet rate in order to minimize their detectability and maximize their energy-related impact, by wasting as much energy as possible. We describe both the details behind the proposed strategy, and analyze its potential effects on typical servers operating within large-scale cloud data center infrastructures.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.