DoWNet 对无服务器应用程序流量中的拒绝钱包攻击进行分类

IF 2.9 Q1 SOCIAL SCIENCES, INTERDISCIPLINARY

Journal of Cybersecurity Pub Date : 2024-03-23 DOI:10.1093/cybsec/tyae004

Daniel Kelly, Frank G Glavin, Enda Barrett

{"title":"DoWNet 对无服务器应用程序流量中的拒绝钱包攻击进行分类","authors":"Daniel Kelly, Frank G Glavin, Enda Barrett","doi":"10.1093/cybsec/tyae004","DOIUrl":null,"url":null,"abstract":"Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.","PeriodicalId":44310,"journal":{"name":"Journal of Cybersecurity","volume":null,"pages":null},"PeriodicalIF":2.9000,"publicationDate":"2024-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DoWNet—classification of Denial-of-Wallet attacks on serverless application traffic\",\"authors\":\"Daniel Kelly, Frank G Glavin, Enda Barrett\",\"doi\":\"10.1093/cybsec/tyae004\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.\",\"PeriodicalId\":44310,\"journal\":{\"name\":\"Journal of Cybersecurity\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":2.9000,\"publicationDate\":\"2024-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Cybersecurity\",\"FirstCategoryId\":\"1093\",\"ListUrlMain\":\"https://doi.org/10.1093/cybsec/tyae004\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"SOCIAL SCIENCES, INTERDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cybersecurity","FirstCategoryId":"1093","ListUrlMain":"https://doi.org/10.1093/cybsec/tyae004","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"SOCIAL SCIENCES, INTERDISCIPLINARY","Score":null,"Total":0}

引用次数: 0

摘要

无服务器计算是一种不断发展的编程范式，正被世界各地的开发人员所采用。它具有高度可扩展性、自动负载平衡和按使用付费的设计，是一种强大的工具，还能大大降低运营成本。然而，这些优势也使无服务器计算面临一种独特的威胁，即拒绝钱包（DoW）。这是一种故意针对无服务器功能端点的请求流量攻击，目的是人为提高应用程序所有者的使用费用。这些攻击的一个子集是 "水蛭"。它们执行 DoW 的速度可能不会被发现，因为它不是请求的突然猛烈涌入。我们设计了一种检测此类攻击的方法，利用一种新颖的方法将请求流量表示为热图，并训练一种图像分类算法来区分正常和恶意流量行为。我们的分类器利用卷积神经网络，准确率达到 97.98%。然后，我们为这一模型的实施设计了一个系统，允许应用程序所有者实时监控其流量中的可疑行为。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

DoWNet—classification of Denial-of-Wallet attacks on serverless application traffic

Serverless computing is an ever-growing programming paradigm being adopted by developers all over the world. Its highly scalable, automatic load balancing, and pay for what you use design is a powerful tool that can also greatly reduce operational costs. However, these advantages also leave serverless computing open to a unique threat, Denial-of-Wallet (DoW). It is the intentional targeting of serverless function endpoints with request traffic in order to artificially raise the usage bills for the application owner. A subset of these attacks are leeches. They perform DoW at a rate that could go undetected as it is not a sudden violent influx of requests. We devise a means of detecting such attacks by utilizing a novel approach of representing request traffic as heat maps and training an image classification algorithm to distinguish between normal and malicious traffic behaviour. Our classifier utilizes convolutional neural networks and achieves 97.98% accuracy. We then design a system for the implementation of this model that would allow application owners to monitor their traffic in real time for suspicious behaviour.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Cybersecurity SOCIAL SCIENCES, INTERDISCIPLINARY-

CiteScore

6.20

自引率

2.60%

发文量

审稿时长

18 weeks

期刊介绍： Journal of Cybersecurity provides a hub around which the interdisciplinary cybersecurity community can form. The journal is committed to providing quality empirical research, as well as scholarship, that is grounded in real-world implications and solutions. Journal of Cybersecurity solicits articles adhering to the following, broadly constructed and interpreted, aspects of cybersecurity: anthropological and cultural studies; computer science and security; security and crime science; cryptography and associated topics; security economics; human factors and psychology; legal aspects of information security; political and policy perspectives; strategy and international relations; and privacy.