| dc.description.abstract | Denial-of-Service (DoS) attacks are an ever persistent treath to IT environ-ments and it occurs today at an ever-increasing rate from year to year. Asthe world develops and companies migrate their systems from private loc-ations to public clouds, cyber criminals continue to use their classic DoSmethods on cloud networks. Some clever cyber criminals also come upwith new ways of rendering services unavailable for the intended users byexploring vulnerabilities in novel technologies such as clouds are. Still, typ-ical attacks such as SYN floods and amplification attacks are the most popu-lar attack vectors. There have been a big number of research on these classicDoS approaches, but security firms that operate DoS mitigation solutionscontinue to observe new trends in the DoS environment. More novel trendsdiffers from the classic attacks by utilizing multiple attack vectors at thesame time, hoarding big botnets and low-and-slow attacks among other. Anovel DoS attack is the Yo-Yo attack which sends bursts of traffic in orderto exploit cloud provider’s auto-scaling functionalities. Auto-scaling is avery important line of defense against DoS attacks, but the Yo-Yo attack isspecialized at exploiting a mechanism that we first thought only as an ad-vantage that now could be a concern for cloud providers. The Yo-Yo attackis able to impact the victims web server with performance degradation aswell as economic loss. This research will try to contribute with a detectionmechanism against the Yo-Yo attack, as well as doing so in a container-based environment. This research has not been conducted earlier with acontainer-based environment as far as the author can tell, and it is highlyrelevant for the time being as more and more users are choosing contain-ers for their web services, due to their lightweight being. The hypothesisis that (a) the Yo-Yo attack will not be able to determine the scaling phaseor scaling policy due to rapid deployment of container instances or (b) thatthe Yo-Yo attack will induct rapid scaling of container instances and causefurther economic loss than previously. | en_US |
