Repttack: Exploiting Cloud Schedulers to Guide Co-Location Attacks

Fang, Chongzhou; Wang, Han; Nazari, Najmeh; Omidi, Behnam; Sasan, Avesta; Khasawneh, Khaled N.; Rafatirad, Setareh; Homayoun, Houman

doi:10.14722/ndss.2022.23149

Cited by 10 publications

(2 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The goal of such attacks is to distribute malicious container images by exploiting the potential typos made by container users. Similarly, there exist attacks whereby the goal of adversaries is to influence the scheduler to co-locate the attacker's application with a targeted victim applications [28,29]. It is worth mentioning that co-location is an important prerequisite to perform certain attacks like Rowhammer [30], Spectre [31] or Meltdown [32].…”

Section: Threat Modelmentioning

confidence: 99%

Serverless computing: a security perspective

2022

View full text Add to dashboard Cite

show abstract

Section: Threat Modelmentioning

confidence: 99%

Serverless computing: a security perspective

2022

View full text Add to dashboard Cite

show abstract

“…Primarily cloud computing enables software developers to delegate infrastructure maintenance and operational responsibilities to cloud providers so enabling them to concentrate exclusively on the core business logic of their programs [24]. Additionally, the platform operates on a pay-peruse framework, wherein users are solely billed in accordance with the amount of resources they utilize [25]. At now, serverless computing is available in two distinct variations, namely backend as a service (BaaS) and function as a service (FaaS) [26].…”

Section: Introductionmentioning

confidence: 99%

The Rise of Serverless Architectures: Security Challenges and Best Practices

Cinar

2023

AJRCoS

View full text Add to dashboard Cite

The field of serverless computing has had significant growth and recognition in the past decade. This emerging area has garnered attention because to its notable impact on cost reduction, latency reduction, scalability improvement, and elimination of server-side management, among other benefits. Nevertheless, there is still a dearth of comprehensive study that would facilitate developers and academics in gaining a more profound comprehension of the importance of serverless computing in many scenarios. Therefore, it is imperative to provide scholarly study data that has been published within this particular field. This study conducted a comprehensive analysis of 275 scholarly articles retrieved from reputable literature sources, with the aim of extracting valuable insights pertaining to serverless computing. Subsequently, the acquired data underwent analysis in order to address many study inquiries pertaining to the contemporary advancements in serverless computing, encompassing its fundamental principles, available platforms, and patterns of utilization, among other relevant aspects. In addition, we analyze the current obstacles confronting serverless computing and explore potential avenues for future research to facilitate its deployment and utilization.

show abstract