{"title":"DoWNet 对无服务器应用程序流量中的拒绝钱包攻击进行分类","authors":"Daniel Kelly, Frank G Glavin, Enda Barrett","doi":"10.1093/cybsec/tyae004","DOIUrl":null,"url":null,"abstract":"Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.","PeriodicalId":44310,"journal":{"name":"Journal of Cybersecurity","volume":"309 1","pages":""},"PeriodicalIF":2.9000,"publicationDate":"2024-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DoWNet—classification of Denial-of-Wallet attacks on serverless application traffic\",\"authors\":\"Daniel Kelly, Frank G Glavin, Enda Barrett\",\"doi\":\"10.1093/cybsec/tyae004\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.\",\"PeriodicalId\":44310,\"journal\":{\"name\":\"Journal of Cybersecurity\",\"volume\":\"309 1\",\"pages\":\"\"},\"PeriodicalIF\":2.9000,\"publicationDate\":\"2024-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cybersecurity\",\"FirstCategoryId\":\"1093\",\"ListUrlMain\":\"https://doi.org/10.1093/cybsec/tyae004\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"SOCIAL SCIENCES, INTERDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1093/cybsec/tyae004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}
DoWNet—classification of Denial-of-Wallet attacks on serverless application traffic
Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.
期刊介绍:
Journal of Cybersecurity provides a hub around which the interdisciplinary cybersecurity community can form. The journal is committed to providing quality empirical research, as well as scholarship, that is grounded in real-world implications and solutions. Journal of Cybersecurity solicits articles adhering to the following, broadly constructed and interpreted, aspects of cybersecurity: anthropological and cultural studies; computer science and security; security and crime science; cryptography and associated topics; security economics; human factors and psychology; legal aspects of information security; political and policy perspectives; strategy and international relations; and privacy.