Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications
Cloud native application is especially susceptible to application layer DDoS attack. This attributes to the internal service calls, by which microservices cooperate and communicate with each other, amplifying the effect of application layer DDoS attack. Since different services have varying degrees...
Gespeichert in:
| Veröffentlicht in: | IEEE transactions on cloud computing 2024-04, Vol.12 (2), p.522-538 |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 538 |
|---|---|
| container_issue | 2 |
| container_start_page | 522 |
| container_title | IEEE transactions on cloud computing |
| container_volume | 12 |
| creator | Wang, Kewei Hu, Changzhen Shan, Chun |
| description | Cloud native application is especially susceptible to application layer DDoS attack. This attributes to the internal service calls, by which microservices cooperate and communicate with each other, amplifying the effect of application layer DDoS attack. Since different services have varying degrees of sensitivity to an attack, a sophisticated attacker can take advantage of those especially expensive API calls to produce serious damage to the availability of services and applications with ease. To better analyze the severity of and mitigate application layer DDoS attacks in cloud native applications, we propose a novel method to evaluate the effect of application layer DDoS attack, that is able to quantitatively characterize the amplifying effect introduced by the complex structure of application system. We first present the descriptive model of the scenario. Then, Riemannian manifolds are constructed as the state spaces of the attack scenarios, in which attacks are described as homeomorphisms. Finally, we apply differential geometry principles to quantitatively calculate the attack effect, which is derived from the action of an attack and the movement it produces in the state spaces. The proposed method is validated in various application scenarios. We show that our approach provides accurate evaluation results, and outperforms existing solutions. |
| doi_str_mv | 10.1109/TCC.2024.3374798 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_10466506</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10466506</ieee_id><sourcerecordid>3065464806</sourcerecordid><originalsourceid>FETCH-LOGICAL-c245t-9dad590bcbb8f7c1d00d83fcb194d91cdd737bc514addc7138d0d14729ddc33f3</originalsourceid><addsrcrecordid>eNpNkEtrwzAQhEVpoSHNvYceBD071VqyZB2D4z4gNIemZyHrAU7dyPUjkH9fBeeQvewOzMzCh9AjkCUAkS-7olimJGVLSgUTMr9BsxR4ngjgcHt136NF3-9JnDwDCXKGtuVRN6Me6nDAweNV2za1meRGn1yH1-vwhVfDoM0PLr13ZsD1ARdNGC3-jMajuw71D-jO66Z3i8ueo-_Xcle8J5vt20ex2iQmZdmQSKttJkllqir3woAlxObUmwoksxKMtYKKymTAtLVGAM0tscBEKqOk1NM5ep562y78ja4f1D6M3SG-VJTwjHGWEx5dZHKZLvR957xqu_pXdycFRJ3JqUhOncmpC7kYeZoitXPuys44z2LjP-uxaYE</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3065464806</pqid></control><display><type>article</type><title>Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications</title><source>IEEE Electronic Library (IEL)</source><creator>Wang, Kewei ; Hu, Changzhen ; Shan, Chun</creator><creatorcontrib>Wang, Kewei ; Hu, Changzhen ; Shan, Chun</creatorcontrib><description>Cloud native application is especially susceptible to application layer DDoS attack. This attributes to the internal service calls, by which microservices cooperate and communicate with each other, amplifying the effect of application layer DDoS attack. Since different services have varying degrees of sensitivity to an attack, a sophisticated attacker can take advantage of those especially expensive API calls to produce serious damage to the availability of services and applications with ease. To better analyze the severity of and mitigate application layer DDoS attacks in cloud native applications, we propose a novel method to evaluate the effect of application layer DDoS attack, that is able to quantitatively characterize the amplifying effect introduced by the complex structure of application system. We first present the descriptive model of the scenario. Then, Riemannian manifolds are constructed as the state spaces of the attack scenarios, in which attacks are described as homeomorphisms. Finally, we apply differential geometry principles to quantitatively calculate the attack effect, which is derived from the action of an attack and the movement it produces in the state spaces. The proposed method is validated in various application scenarios. We show that our approach provides accurate evaluation results, and outperforms existing solutions.</description><identifier>ISSN: 2168-7161</identifier><identifier>EISSN: 2168-7161</identifier><identifier>EISSN: 2372-0018</identifier><identifier>DOI: 10.1109/TCC.2024.3374798</identifier><identifier>CODEN: ITCCF6</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Amplification ; Cloud computing ; Cloud native applications ; Computer crime ; Denial of service attacks ; Denial-of-service attack ; Differential geometry ; distributed denial-of-service ; distributed systems ; effect evaluation ; Measurement ; Microservice architectures ; Riemann manifold ; Security ; Software ; Topology</subject><ispartof>IEEE transactions on cloud computing, 2024-04, Vol.12 (2), p.522-538</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2024</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c245t-9dad590bcbb8f7c1d00d83fcb194d91cdd737bc514addc7138d0d14729ddc33f3</cites><orcidid>0000-0002-1197-2038 ; 0000-0002-1090-026X</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10466506$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27924,27925,54758</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10466506$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Wang, Kewei</creatorcontrib><creatorcontrib>Hu, Changzhen</creatorcontrib><creatorcontrib>Shan, Chun</creatorcontrib><title>Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications</title><title>IEEE transactions on cloud computing</title><addtitle>TCC</addtitle><description>Cloud native application is especially susceptible to application layer DDoS attack. This attributes to the internal service calls, by which microservices cooperate and communicate with each other, amplifying the effect of application layer DDoS attack. Since different services have varying degrees of sensitivity to an attack, a sophisticated attacker can take advantage of those especially expensive API calls to produce serious damage to the availability of services and applications with ease. To better analyze the severity of and mitigate application layer DDoS attacks in cloud native applications, we propose a novel method to evaluate the effect of application layer DDoS attack, that is able to quantitatively characterize the amplifying effect introduced by the complex structure of application system. We first present the descriptive model of the scenario. Then, Riemannian manifolds are constructed as the state spaces of the attack scenarios, in which attacks are described as homeomorphisms. Finally, we apply differential geometry principles to quantitatively calculate the attack effect, which is derived from the action of an attack and the movement it produces in the state spaces. The proposed method is validated in various application scenarios. We show that our approach provides accurate evaluation results, and outperforms existing solutions.</description><subject>Amplification</subject><subject>Cloud computing</subject><subject>Cloud native applications</subject><subject>Computer crime</subject><subject>Denial of service attacks</subject><subject>Denial-of-service attack</subject><subject>Differential geometry</subject><subject>distributed denial-of-service</subject><subject>distributed systems</subject><subject>effect evaluation</subject><subject>Measurement</subject><subject>Microservice architectures</subject><subject>Riemann manifold</subject><subject>Security</subject><subject>Software</subject><subject>Topology</subject><issn>2168-7161</issn><issn>2168-7161</issn><issn>2372-0018</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkEtrwzAQhEVpoSHNvYceBD071VqyZB2D4z4gNIemZyHrAU7dyPUjkH9fBeeQvewOzMzCh9AjkCUAkS-7olimJGVLSgUTMr9BsxR4ngjgcHt136NF3-9JnDwDCXKGtuVRN6Me6nDAweNV2za1meRGn1yH1-vwhVfDoM0PLr13ZsD1ARdNGC3-jMajuw71D-jO66Z3i8ueo-_Xcle8J5vt20ex2iQmZdmQSKttJkllqir3woAlxObUmwoksxKMtYKKymTAtLVGAM0tscBEKqOk1NM5ep562y78ja4f1D6M3SG-VJTwjHGWEx5dZHKZLvR957xqu_pXdycFRJ3JqUhOncmpC7kYeZoitXPuys44z2LjP-uxaYE</recordid><startdate>20240401</startdate><enddate>20240401</enddate><creator>Wang, Kewei</creator><creator>Hu, Changzhen</creator><creator>Shan, Chun</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-1197-2038</orcidid><orcidid>https://orcid.org/0000-0002-1090-026X</orcidid></search><sort><creationdate>20240401</creationdate><title>Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications</title><author>Wang, Kewei ; Hu, Changzhen ; Shan, Chun</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c245t-9dad590bcbb8f7c1d00d83fcb194d91cdd737bc514addc7138d0d14729ddc33f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Amplification</topic><topic>Cloud computing</topic><topic>Cloud native applications</topic><topic>Computer crime</topic><topic>Denial of service attacks</topic><topic>Denial-of-service attack</topic><topic>Differential geometry</topic><topic>distributed denial-of-service</topic><topic>distributed systems</topic><topic>effect evaluation</topic><topic>Measurement</topic><topic>Microservice architectures</topic><topic>Riemann manifold</topic><topic>Security</topic><topic>Software</topic><topic>Topology</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Wang, Kewei</creatorcontrib><creatorcontrib>Hu, Changzhen</creatorcontrib><creatorcontrib>Shan, Chun</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE transactions on cloud computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Wang, Kewei</au><au>Hu, Changzhen</au><au>Shan, Chun</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications</atitle><jtitle>IEEE transactions on cloud computing</jtitle><stitle>TCC</stitle><date>2024-04-01</date><risdate>2024</risdate><volume>12</volume><issue>2</issue><spage>522</spage><epage>538</epage><pages>522-538</pages><issn>2168-7161</issn><eissn>2168-7161</eissn><eissn>2372-0018</eissn><coden>ITCCF6</coden><abstract>Cloud native application is especially susceptible to application layer DDoS attack. This attributes to the internal service calls, by which microservices cooperate and communicate with each other, amplifying the effect of application layer DDoS attack. Since different services have varying degrees of sensitivity to an attack, a sophisticated attacker can take advantage of those especially expensive API calls to produce serious damage to the availability of services and applications with ease. To better analyze the severity of and mitigate application layer DDoS attacks in cloud native applications, we propose a novel method to evaluate the effect of application layer DDoS attack, that is able to quantitatively characterize the amplifying effect introduced by the complex structure of application system. We first present the descriptive model of the scenario. Then, Riemannian manifolds are constructed as the state spaces of the attack scenarios, in which attacks are described as homeomorphisms. Finally, we apply differential geometry principles to quantitatively calculate the attack effect, which is derived from the action of an attack and the movement it produces in the state spaces. The proposed method is validated in various application scenarios. We show that our approach provides accurate evaluation results, and outperforms existing solutions.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/TCC.2024.3374798</doi><tpages>17</tpages><orcidid>https://orcid.org/0000-0002-1197-2038</orcidid><orcidid>https://orcid.org/0000-0002-1090-026X</orcidid></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | ISSN: 2168-7161 |
| ispartof | IEEE transactions on cloud computing, 2024-04, Vol.12 (2), p.522-538 |
| issn | 2168-7161 2168-7161 2372-0018 |
| language | eng |
| recordid | cdi_ieee_primary_10466506 |
| source | IEEE Electronic Library (IEL) |
| subjects | Amplification Cloud computing Cloud native applications Computer crime Denial of service attacks Denial-of-service attack Differential geometry distributed denial-of-service distributed systems effect evaluation Measurement Microservice architectures Riemann manifold Security Software Topology |
| title | Evaluation of Application Layer DDoS Attack Effect in Cloud Native Applications |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T19%3A01%3A53IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Evaluation%20of%20Application%20Layer%20DDoS%20Attack%20Effect%20in%20Cloud%20Native%20Applications&rft.jtitle=IEEE%20transactions%20on%20cloud%20computing&rft.au=Wang,%20Kewei&rft.date=2024-04-01&rft.volume=12&rft.issue=2&rft.spage=522&rft.epage=538&rft.pages=522-538&rft.issn=2168-7161&rft.eissn=2168-7161&rft.coden=ITCCF6&rft_id=info:doi/10.1109/TCC.2024.3374798&rft_dat=%3Cproquest_RIE%3E3065464806%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3065464806&rft_id=info:pmid/&rft_ieee_id=10466506&rfr_iscdi=true |