Exploiting the Transients of Adaptation for RoQ Attacks on Internet Resources
Azer Bestavros
Over the past few years, Denial of Service (DoS) attacks have emerged
as a serious vulnerability for almost every Internet service. An
adversary bent on limiting access to a network resource could simply
marshal enough client machines to bring down an Internet service by
subjecting it to sustained levels of demand that far exceed its
capacity, making that service incapable of adequately responding to
legitimate requests. In this talk I will expose a different, but
potentially more malignant, adversarial attack that exploits the
transients of a system's adaptive behavior, as opposed to its limited
steady-state capacity. In particular, I will show that a determined
adversary could bleed an adaptive system's capacity or significantly
reduce its service quality by subjecting it to an unsuspicious,
low-intensity (but well orchestrated and timed) request stream that
causes the system to become very inefficient or unstable. I will
give examples of such "Reduction of Quality" (RoQ) attacks on a number
of common adaptive components in modern computing and networking
systems. RoQ attacks stand in sharp contrast to traditional
brute-force, sustained high-rate DoS attacks, as well as recently
proposed "shrew" attacks that exploit specific protocol settings. I
will present numerical and simulation results, which are validated
with observations from real Internet experiments.
This work was done in collaboration with Mina Guirguis and Ibrahim Matta.
http://www.cs.bu.edu/~best/