Denial of Wallet: Analysis of a looming threat and novel solution for mitigation using image classification

Serverless Computing is a powerful cloud-based architecture for the creation of applications. It boasts incredible scalability by running processes on a vast network of edge nodes. It decreases the time to deployment, as the developer no longer needs to programme a traditional server-side back-end, only having to focus on the application’s business logic. Serverless applications are billed by counting the number of invocations a function receives in conjunction with its memory allocation. This means that there is no need to pay for the provision of a server that constantly runs in the background when it may only receive a small number of requests per month. These unique selling points, when used in the intended way, can drastically reduce operational costs. However, it has given rise to a potential form of cyber attack that specifically seeks to cause inflated usage bills through the abuse of serverless functions. This attack is called Denial of Wallet (DoW). This thesis presents the first in depth investigation in academia on DoW, comprising the formal definition of the attack, theorised attack vectors, a means of safely recreating attacks for research purposes via synthetic data generation, and a novel detection strategy utilising image classification that yields a detection accuracy of 97.98%

Funder

Irish Research Council

Publisher

NUI Galway

Rights

Attribution-NonCommercial-NoDerivs 3.0 Ireland
CC BY-NC-ND 3.0 IE

cbn

Collections

University of Galway Theses (PhD Theses)