Denial of Wallet: Analysis of a looming threat and novel solution for mitigation using image classification
Date
2023-08-22Author
Kelly, Daniel
Metadata
Show full item recordUsage
This item's downloads: 231 (view details)
Abstract
Serverless Computing is a powerful cloud-based architecture for the creation
of applications. It boasts incredible scalability by running processes on a vast
network of edge nodes. It decreases the time to deployment, as the developer
no longer needs to programme a traditional server-side back-end, only having
to focus on the application’s business logic. Serverless applications are billed by
counting the number of invocations a function receives in conjunction with its
memory allocation. This means that there is no need to pay for the provision of a
server that constantly runs in the background when it may only receive a small
number of requests per month. These unique selling points, when used in the
intended way, can drastically reduce operational costs. However, it has given rise
to a potential form of cyber attack that specifically seeks to cause inflated usage
bills through the abuse of serverless functions. This attack is called Denial of Wallet
(DoW). This thesis presents the first in depth investigation in academia on DoW,
comprising the formal definition of the attack, theorised attack vectors, a means
of safely recreating attacks for research purposes via synthetic data generation,
and a novel detection strategy utilising image classification that yields a detection
accuracy of 97.98%