Summary: | Made available in DSpace on 2015-04-14T14:50:17Z (GMT). No. of bitstreams: 1
465167.pdf: 2214524 bytes, checksum: e60f67caab1af9647d1f2863d4e2d64e (MD5)
Previous issue date: 2015-01-22 === Computer systems available on the Internet are used for, basically, everyone. This
widespread use has facilitated their exposure to several different types of attacks. These
attacks are intended to, for example, steal information, deploy malicious code and even to
make a system slow to respond, or worst, to become completely offline.
Denial of service attacks is a type of attack that, currently, needs a special attention,
since they may be performed for different reasons, such as political purposes, industrial
competition, protests or even just for fun. This kind of attack has as its main purpose to slow
response time or even to make a computer system unavailable, for example, consuming all
target computational resources.
When a denial of service attack targets a cloud environment, it could compromise
not only one system, but also all systems that are hosted in the cloud. Therefore, a cloud
environment is a convenient target for malicious users, since that with a single attack they
are able to hit multiple systems.
A cloud environment usually exposes, through a REST architecture model, an API
to allow its users to write their own service to be integrated with the cloud environment.
Hence, this exposed REST API becomes a potential threat to the cloud environment. In order
to reduce the risk of attacks, usually a cloud environment uses an authentication mechanism
to allow only legitimate users to access the system. Despite that, some attacks may
still be possible.
This research is focused on the analysis of denial of service attacks that exploit the
authentication mechanism through REST API calls in a cloud environment. In this work, we
propose a solution that works in the application level. Our solution creates client profiles in
order to verify whether a client is posing any threat to the cloud or not. When a threat is
detected, then our solution starts to filter calls from users that were identified as malicious. We applied our solution to Openstack, an open cloud management system, and showed that
we have improved response time for legitimate users when the cloud is under attack. === Nos dias de hoje sistemas dispon?veis na Internet est?o expostos aos mais diversos
tipos de ataques. Estes ataques t?m diferentes finalidades tais como roubar dados dos
sistemas e implanta??o de c?digos maliciosos, podendo at? mesmo deixar um sistema totalmente
indispon?vel, o que em sistemas de alta disponibilidade seria um grande problema.
Ataques de nega??o de servi?o merecem uma aten??o especial, pois atualmente
vemos muitos ataques sendo executados por diferentes raz?es, como: pol?tica, concorr?ncia
industrial, protestos ou at? mesmo apenas por divers?o. Esse tipo de ataque consiste
em esgotar os recursos computacionais do seu alvo, deixando-o lento ou at? mesmo indispon?vel.
Quando o alvo de um ataque de nega??o de servi?o ? um ambiente de nuvem,
n?o apenas um sistema pode ser comprometido, mas sim todos os sistemas que est?o
dispon?veis no ambiente em quest?o. Desse modo, um ambiente de nuvem ? um bom alvo
para que usu?rios mal intencionados, atrav?s de um ataque ao mesmo, comprometam um
grande n?mero de sistemas nele rodando.
Ambientes de nuvem costumam expor, atrav?s do modelo arquitetural de REST,
uma API para que usu?rios do seu servi?o possam, programaticamente, integrar seus sistemas.
Sabendo disso, essa REST API exposta acaba por se tornar um potencial vetor
de ataques aos ambientes de nuvem. Com isso, faz-se necess?rio a utiliza??o de um mecanismo
de autentica??o, com intuito de permitir acesso apenas aos usu?rios leg?timos.
Assim, o presente trabalho foca em analisar o problema de ataque de nega??o de servi?o
que explora o mecanismo de autentica??o de REST API de ambientes de nuvem. A este
problema, ser? proposta uma solu??o que atua em n?vel de aplica??o, tra?ando um perfil dos clientes que fazem uso desta REST, e desse modo evitando que o ambiente de nuvem
seja sobrecarregado com opera??es desnecess?rias.
|