Thursday, December 15, 2011

Denial of Service attack in the cloud

IT companies bring their services into the cloud, such as the Amazon Web Services cloud or RackspaceCloud. Here, you pay per use. You can configure your service such that its resource usage grows or shrinks with demand. This can be set up automatically. And this is what you want, right? You want to serve a bigger audience.

You pay for resource usage, so upon high demand, you pay more to the cloud providers. This is very logical.

But a rotten neighbour (not mine!) could possibly set up some scripts which fire heavy load to your cloud-based service. Okay, he needs to be a bit clever to do this in such a way that Amazon and Rackspace don't recognize this as a "Denial of Service" attack.

The owner of the service may receive a large bill.

Can malign individuals use this to bomb their competitors out of business because they go broke due to heavy bills from the cloud providers?

You probably should not forget to set upper limits on the resource usage at the cloud providers, but then you are again susceptible to real Denial of Service attacks, just like when you run your own data centre.

2 comments:

  1. Hi Ignaz,

    some more info available here:

    http://www.reviewmylife.co.uk/blog/2011/05/19/amazon-cloudfront-and-s3-maximum-cost/

    merry Xmas!

    ReplyDelete
  2. Interesting article indeed. Good to see this is something known for quite some while, but it seems to be a real issue to this day.

    ReplyDelete