A Study of Very Short Intermittent DDoS Attacks on the Performance of Web Services in Clouds

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v CHAPTER

[1]  Jie Yu,et al.  A Detection and Offense Mechanism to Defend Against Application Layer DDoS Attacks , 2007, International Conference on Networking and Services (ICNS '07).

[2]  G. J. A. Stern,et al.  Queueing Systems, Volume 2: Computer Applications , 1976 .

[3]  Ali A. Ghorbani,et al.  Application-layer denial of service attacks: taxonomy and survey , 2015, Int. J. Inf. Comput. Secur..

[4]  Zhenyu Wu,et al.  A Measurement Study on Co-residence Threat inside the Cloud , 2015, USENIX Security Symposium.

[5]  Calton Pu,et al.  Detecting Transient Bottlenecks in n-Tier Applications through Fine-Grained Analysis , 2013, 2013 IEEE 33rd International Conference on Distributed Computing Systems.

[6]  Giuseppe Serazzi,et al.  Java Modelling Tools: an Open Source Suite for Queueing Network Modelling andWorkload Analysis , 2006, Third International Conference on the Quantitative Evaluation of Systems - (QEST'06).

[7]  Patrick P. C. Lee,et al.  An experimental study of cascading performance interference in a virtualized environment , 2013, PERV.

[8]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[9]  D. Kendall Stochastic Processes Occurring in the Theory of Queues and their Analysis by the Method of the Imbedded Markov Chain , 1953 .

[10]  Michael M. Swift,et al.  A Placement Vulnerability Study in Multi-Tenant Public Clouds , 2015, USENIX Security Symposium.

[11]  Ricardo Bianchini,et al.  DeepDive: Transparently Identifying and Managing Performance Interference in Virtualized Environments , 2013, USENIX Annual Technical Conference.

[12]  Jialin Li,et al.  Tales of the Tail: Hardware, OS, and Application-level Sources of Tail Latency , 2014, SoCC.

[13]  Gorka Irazoqui Apecechea,et al.  Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud , 2015, IACR Cryptol. ePrint Arch..

[14]  James B. Rawlings,et al.  A new autocovariance least-squares method for estimating noise covariances , 2006, Autom..

[15]  Kotagiri Ramamohanarao,et al.  Survey of network-based defense mechanisms countering the DoS and DDoS problems , 2007, CSUR.

[16]  Abdelkader H. Ouda,et al.  Cloud-based DDoS attacks and defenses , 2013, International Conference on Information Society (i-Society 2013).

[17]  Calton Pu,et al.  milliScope: A Fine-Grained Monitoring Framework for Performance Debugging of n-Tier Web Services , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[18]  Anshul Gandhi,et al.  DIAL: Reducing Tail Latencies for Cloud Applications via Dynamic Interference-aware Load Balancing , 2017, 2017 IEEE International Conference on Autonomic Computing (ICAC).

[19]  Chih-Wei Chen,et al.  CICADAS: Congesting the Internet with Coordinated and Decentralized Pulsating Attacks , 2016, AsiaCCS.

[20]  Arnold O. Allen Probability, Statistics, and Queueing Theory , 1978 .

[21]  Stefan Savage,et al.  Inferring Internet denial-of-service activity , 2001, TOCS.

[22]  Amir Herzberg,et al.  Socket overloading for fun and cache-poisoning , 2013, ACSAC.

[23]  Luiz André Barroso,et al.  The tail at scale , 2013, CACM.

[24]  Xiapu Luo,et al.  On a New Class of Pulsing Denial-of-Service Attacks and the Defense , 2005, NDSS.

[25]  Salman Baset,et al.  Cloud SLAs: present and future , 2012, OPSR.

[26]  Jelena Mirkovic,et al.  Modeling Human Behavior for Defense Against Flash-Crowd Attacks , 2009, 2009 IEEE International Conference on Communications.

[27]  Ron Kohavi,et al.  Online Experiments: Lessons Learned , 2007, Computer.

[28]  Ruby B. Lee,et al.  DoS Attacks on Your Memory in Cloud , 2017, AsiaCCS.

[29]  Anees Shaikh,et al.  Remote Profiling of Resource Constraints of Web Servers Using Mini-Flash Crowds , 2008, USENIX Annual Technical Conference.

[30]  Virgil D. Gligor,et al.  The Crossfire Attack , 2013, 2013 IEEE Symposium on Security and Privacy.

[31]  Cheng-Zhong Xu,et al.  Interference and locality-aware task scheduling for MapReduce applications in virtual clusters , 2013, HPDC.

[32]  Wouter Joosen,et al.  Maneuvering Around Clouds: Bypassing Cloud-based Security Providers , 2015, CCS.

[33]  Anshul Gandhi,et al.  Modeling and Analysis of Performance Under Interference in the Cloud , 2017, 2017 IEEE 25th International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS).

[34]  Xiao Zhang,et al.  CPI2: CPU performance isolation for shared compute clusters , 2013, EuroSys '13.

[35]  Huan Liu,et al.  A new form of DOS attack in a cloud and its avoidance mechanism , 2010, CCSW '10.

[36]  Saurabh Bagchi,et al.  ICE: An Integrated Configuration Engine for Interference Mitigation in Cloud Services , 2015, 2015 IEEE International Conference on Autonomic Computing.

[37]  T. Başar,et al.  A New Approach to Linear Filtering and Prediction Problems , 2001 .

[38]  Guofei Gu,et al.  BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic , 2008, NDSS.

[39]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[40]  Qiben Yan,et al.  Very Short Intermittent DDoS Attacks in an Unsaturated System , 2017, SecureComm.

[41]  Shunzheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[42]  Thomas Eisenbarth,et al.  Hit by the Bus: QoS Degradation Attack on Android , 2017, AsiaCCS.

[43]  Marshall Copeland,et al.  Microsoft Azure , 2015, Apress.

[44]  Hwanju Kim,et al.  TPC: Target-Driven Parallelism Combining Prediction and Correction to Reduce Tail Latency in Interactive Services , 2016, ASPLOS.

[45]  Balachander Krishnamurthy,et al.  Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites , 2002, WWW.

[46]  Benjamin Farley,et al.  Resource-freeing attacks: improve your cloud performance (at your neighbor's expense) , 2012, CCS.

[47]  Christina Delimitrou,et al.  Paragon: QoS-aware scheduling for heterogeneous datacenters , 2013, ASPLOS '13.

[48]  Brian D. Noble,et al.  Bobtail: Avoiding Long Tails in the Cloud , 2013, NSDI.

[49]  Ying Zhang,et al.  Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing , 2007, NDSS.

[50]  Keqiang He,et al.  Next stop, the cloud: understanding modern web service deployment in EC2 and azure , 2013, Internet Measurement Conference.

[51]  Bowen Zhou,et al.  Mitigating interference in cloud services by middleware reconfiguration , 2014, Middleware.

[52]  Tipp Moseley,et al.  Measuring interference between live datacenter applications , 2012, 2012 International Conference for High Performance Computing, Networking, Storage and Analysis.

[53]  Chengxu Ye,et al.  Detection of application layer distributed denial of service , 2011, Proceedings of 2011 International Conference on Computer Science and Network Technology.

[54]  Vern Paxson,et al.  Temporal Lensing and Its Application in Pulsing Denial-of-Service Attacks , 2015, 2015 IEEE Symposium on Security and Privacy.

[55]  Maurizio Aiello,et al.  Taxonomy of Slow DoS Attacks to Web Applications , 2012, SNDS.

[56]  Aditya Akella,et al.  WhoWas: A Platform for Measuring Web Deployments on IaaS Clouds , 2014, Internet Measurement Conference.

[57]  Calton Pu,et al.  Variations in Performance and Scalability When Migrating n-Tier Applications to Different Clouds , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[58]  Mor Harchol-Balter,et al.  Performance Modeling and Design of Computer Systems: Queueing Theory in Action , 2013 .

[59]  David Lie,et al.  Computer Meteorology: Monitoring Compute Clouds , 2009, HotOS.

[60]  Calton Pu,et al.  Tail Attacks on Web Applications , 2017, CCS.

[61]  Onur Mutlu,et al.  Memory Performance Attacks: Denial of Memory Service in Multi-Core Systems , 2007, USENIX Security Symposium.

[62]  Christoforos E. Kozyrakis,et al.  Heracles: Improving resource efficiency at scale , 2015, 2015 ACM/IEEE 42nd Annual International Symposium on Computer Architecture (ISCA).

[63]  David M. Nicol,et al.  Denial-of-Service Threat to Hadoop/YARN Clusters with Multi-tenancy , 2014, 2014 IEEE International Congress on Big Data.

[64]  Brian D. Noble,et al.  Small is better: avoiding latency traps in virtualized data centers , 2013, SoCC.

[65]  George Kesidis,et al.  Effective Capacity Modulation as an Explicit Control Knob for Public Cloud Profitability , 2016, 2016 IEEE International Conference on Autonomic Computing (ICAC).

[66]  R. Chitra,et al.  Securing cloud from ddos attacks using intrusion detection system in virtual machine , 2013 .

[67]  Taieb Znati,et al.  Detecting Application Denial-of-Service Attacks: A Group-Testing-Based Approach , 2010, IEEE Transactions on Parallel and Distributed Systems.

[68]  Harkeerat Singh Bedi,et al.  Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms , 2012, ICACCI '12.

[69]  Calton Pu,et al.  A Study of Long-Tail Latency in n-Tier Systems: RPC vs. Asynchronous Invocations , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[70]  Peter Desnoyers,et al.  Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing , 2011, 2011 IEEE 10th International Symposium on Network Computing and Applications.

[71]  Vyas Sekar,et al.  Bohatei: Flexible and Elastic DDoS Defense , 2015, USENIX Security Symposium.

[72]  Christina Delimitrou,et al.  Bolt: I Know What You Did Last Summer... In The Cloud , 2017, ASPLOS.

[73]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[74]  Ravi Iyer,et al.  Cache QoS: From concept to reality in the Intel® Xeon® processor E5-2600 v3 product family , 2016, 2016 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[75]  Mina Guirguis,et al.  Exploiting the transients of adaptation for RoQ attacks on Internet resources , 2004, Proceedings of the 12th IEEE International Conference on Network Protocols, 2004. ICNP 2004..

[76]  M. Uysal,et al.  DDoS-Shield: DDoS-Resilient Scheduling to Counter Application Layer Attacks , 2009, IEEE/ACM Transactions on Networking.

[77]  Gabriel Maciá-Fernández,et al.  LoRDAS: A Low-Rate DoS Attack against Application Servers , 2007, CRITIS.

[78]  Calton Pu,et al.  Lightning in the cloud: a study of very short bottlenecks on n-tierweb application performance , 2014 .

[79]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[80]  Kevin Skadron,et al.  Bubble-up: Increasing utilization in modern warehouse scale computers via sensible co-locations , 2011, 2011 44th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO).