TY - GEN
T1 - Failure or denial of service? A rethink of the cloud recovery model
AU - Abdulazeez, Muhammed Bello
AU - Kowalski, Dariusz
AU - Lisista, Alexei
AU - Alshamrani, Sultan
PY - 2016
Y1 - 2016
N2 - One of the dominant paradigms of cloud computing is infrastructure as a service (IaaS), which allows organizations to outsource computing equipment and resources such as servers, storage, networking, as well as services such as load balancing and content delivery networks. For vendors offering IaaS, load balancing is a critical aspect and selling point. One component of load balancing is auto-scaling. This feature allows applications to scale up and down dynamically based on load, performance and 'health' of a virtual machine (VM). It used to take years to grow businesses to millions of customers but now this can happen in months or even days, therefore the ability to access a seemingly infinite amount of resources on demand is very appealing to businesses. The entire cloud model relies on dynamic scalability and configurability because it is not practical to manually configure on-demand services. In this paper we reconsider the scaling of services on the cloud, and consider the definition of 'healthy' scaling, a concept vendors do not formally define. We also look at application layer denial of service (DOS) attacks on application servers running compute services. While there have been extensive efforts to defend the cloud against volumetric DOS using network layer defences, detecting and preventing application layer DOS attacks on the cloud is non-trivial due to the size of cloud and the heterogeneity of applications running. We surveyed some of the key cloud providers that offer IaaS such as Amazon Web Services, Windows Azure, Google Compute Engine, Rack Space Open Cloud, and IBM Smart Cloud Enterprise. We specifically analysed their auto-scaling features and looked at the cost implications for customers. We ask the question, does the monitoring feature of these services differentiate between load increase and Application Layer DOS when making the decision to scale up its services VM?.
AB - One of the dominant paradigms of cloud computing is infrastructure as a service (IaaS), which allows organizations to outsource computing equipment and resources such as servers, storage, networking, as well as services such as load balancing and content delivery networks. For vendors offering IaaS, load balancing is a critical aspect and selling point. One component of load balancing is auto-scaling. This feature allows applications to scale up and down dynamically based on load, performance and 'health' of a virtual machine (VM). It used to take years to grow businesses to millions of customers but now this can happen in months or even days, therefore the ability to access a seemingly infinite amount of resources on demand is very appealing to businesses. The entire cloud model relies on dynamic scalability and configurability because it is not practical to manually configure on-demand services. In this paper we reconsider the scaling of services on the cloud, and consider the definition of 'healthy' scaling, a concept vendors do not formally define. We also look at application layer denial of service (DOS) attacks on application servers running compute services. While there have been extensive efforts to defend the cloud against volumetric DOS using network layer defences, detecting and preventing application layer DOS attacks on the cloud is non-trivial due to the size of cloud and the heterogeneity of applications running. We surveyed some of the key cloud providers that offer IaaS such as Amazon Web Services, Windows Azure, Google Compute Engine, Rack Space Open Cloud, and IBM Smart Cloud Enterprise. We specifically analysed their auto-scaling features and looked at the cost implications for customers. We ask the question, does the monitoring feature of these services differentiate between load increase and Application Layer DOS when making the decision to scale up its services VM?.
KW - Auto scaling
KW - Cloud monitoring
KW - DOS
KW - Denial of service
KW - IaaS
UR - http://www.scopus.com/inward/record.url?scp=84979248551&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84979248551&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84979248551
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 1
EP - 8
BT - Proceedings of the 15th European Conference on Cyber Warfare and Security, ECCWS 2016
A2 - Koch, Robert
A2 - Rodosek, Gabi Dreo
PB - Curran Associates Inc.
T2 - 15th European Conference on Cyber Warfare and Security, ECCWS 2016
Y2 - 7 July 2016 through 8 July 2016
ER -