
Guarding Serverless Applications with SecLambda

by Deepak Sirone Jegan, et al.

As an emerging application paradigm, serverless computing attracts attention from more and more attackers. Unfortunately, security tools for conventional applications cannot be easily ported to serverless, and existing serverless security solutions are inadequate. In this paper, we present SecLambda, an extensible security framework that leverages local function state and global application state to perform sophisticated security tasks to protect an application. We show how SecLambda can be used to achieve control flow integrity, credential protection, and rate limiting in serverless applications. We evaluate the performance overhead and security of SecLambda using realistic open-source applications, and our results suggest that SecLambda can mitigate several attacks while introducing relatively low performance overhead.



