VM Migration Scheduling as Moving Target Defense against Memory DoS Attacks: An Empirical Study

Title: VM Migration Scheduling as Moving Target Defense against Memory DoS Attacks: An Empirical Study
Publication Type: Conference Paper
Year of Publication: 2021
Authors: Torquato, Matheus; Vieira, Marco
Conference Name: 2021 IEEE Symposium on Computers and Communications (ISCC)
Keywords: Benchmark testing, codes, Computers, denial of service, Dynamic platform technique, machine learning, Memory DoS, Metrics, moving target defense, pubcrawl, resilience, Resiliency, Scalability, Systems architecture, Tools, Virtual machining, VM migration
Abstract: Memory Denial of Service (DoS) attacks are easy-to-launch, hard to detect, and significantly impact their targets. In memory DoS, the attacker targets the memory of his Virtual Machine (VM) and, due to hardware isolation issues, the attack affects the co-resident VMs. Theoretically, we can deploy VM migration as Moving Target Defense (MTD) against memory DoS. However, the current literature lacks empirical evidence supporting this hypothesis. Moreover, there is a need to evaluate how the VM migration timing impacts the potential MTD protection. This practical experience report presents an experiment on VM migration-based MTD against memory DoS. We evaluate the impact of memory DoS attacks in the context of two applications running in co-hosted VMs: machine learning and OLTP. The results highlight that the memory DoS attacks lead to more than 70% reduction in the applications' performance. Nevertheless, timely VM migrations can significantly mitigate the attack effects in both considered applications.
DOI: 10.1109/ISCC53001.2021.9631397
Citation Key: torquato_vm_2021