Towards Yo-Yo attack mitigation in cloud auto-scaling mechanism  

作　　者：Xiaoqiong Xu Jin Li Hongfang Yu Long Luo Xuetao Wei Gang Sun 

机构地区：[1]Key Lab of Optical Fiber Sensing and Communications(Ministry of Education),University of Electronic Science and Technology of China,Chengdu,611731,China [2]National Key Laboratory of Science and Technology on Information System Security,Beijing,100101,China [3]Center for Cyber Security,University of Electronic Science and Technology of China,Chengdu,611731,China [4]University of Cincinnati,Cincinnati,OH,45220,USA

出　　处：《Digital Communications and Networks》2020年第3期369-376,共8页数字通信与网络（英文版）

基　　金：This research was partially supported by the Natural Science Foundation of China(61571098);Open Foundation of State Key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2016-2-24).

摘　　要：Cloud platforms could automatically scale underlying network resources up and down in response to changes in the traffic load.Such an auto-scaling mechanism can largely enhance the elasticity and scalability of cloud platforms.However,it may introduce new security threats.For example,the Yo-Yo attack is a newly disclosed attack against the cloud auto-scaling mechanism.Attackers periodically send bursts of traffic to cause the autoscaling mechanism to oscillate between the scale-up process and the scale-down process,which may result in significant performance degradation and economic loss.None of the prior work addressed the problem of mitigating such an attack.In this paper,we propose a Trust-based Adversarial Scanner Delaying(TASD)approach to effectively and proactively mitigate the Yo-Yo attack on the cloud auto-scaling mechanism.In TASD,we first propose to use the trust-based scheme to establish trust values for users,which is leveraged to identify adversarial requests.Trust values are updated by jointly considering the request mode and the auto-scaling status.Then,we aim to disable the condition under which the Yo-Yo attack takes effect by injecting certain delay,under the QoS constraints,to manipulate the response time of suspicious requests and deceive the attackers.Our extensive evaluation demonstrates that our approach achieves promising results,e.g.,it can detect at least 80%Yo-Yo adversarial users and reduce more than 41%malicious scale-ups.

关 键 词：Cloud computing Auto-scaling mechanism Yo-yo attack Attack detection Attack defense 

分 类 号：TN91[电子电信—通信与信息系统]