Denial of Wallet – Defining a Looming Threat to Serverless Computing

04/16/2021
by   Daniel Kelly, et al.
0

Serverless computing is the latest paradigm in cloud computing, offering a framework for the development of event driven, pay-as-you-go functions in a highly scalable environment. While these traits offer a powerful new development paradigm, they have also given rise to a new form of cyber-attack known as Denial of Wallet (forced financial exhaustion). In this work, we define and identify the threat of Denial of Wallet and its potential attack patterns. Also, we demonstrate how this new form of attack can potentially circumvent existing mitigation systems developed for a similar style of attack, Denial of Service. Our goal is twofold. Firstly, we will provide a concise and informative overview of this emerging attack paradigm. Secondly, we propose this paper as a starting point to enable researchers and service providers to create effective mitigation strategies. We include some simulated experiments to highlight the potential financial damage that such attacks can cause and the creation of an isolated test bed for continued safe research on these attacks.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/31/2019

Comparative Analysis of State-of-the-Art EDoS Mitigation Techniques in Cloud Computing Environment

A new variant of the DDoS attack, called Economic Denial of Sustainabili...
research
08/03/2018

An SDN-based Approach For Defending Against Reflective DDoS Attacks

Distributed Reflective Denial of Service (DRDoS) attacks are an immanent...
research
05/26/2022

DoS Attacks on Blockchain Ecosystem

Denial of Service (DoS) attacks are a growing threat in network services...
research
12/03/2020

Proactive DDoS Attack Mitigation in Cloud-Fog Environment using Moving Target Defense

Distributed Denial of Service (DDoS) attacks are serious cyber attacks a...
research
07/15/2023

Understanding Cyber Threats Against the Universities, Colleges, and Schools

Universities hold and process a vast amount of valuable user and researc...
research
11/01/2022

Looking Beyond IoCs: Automatically Extracting Attack Patterns from External CTI

Public and commercial companies extensively share cyber threat intellige...
research
08/02/2022

A Turning Point for Verified Spectre Sandboxing

Spectre attacks enable an attacker to access restricted data in an appli...

Please sign up or login with your details

Forgot password? Click here to reset