ATSSC: An Attack Tolerant System in Serverless Computing

Serverless computing is a promising paradigm in cloud computing that greatly simplifies cloud programming. With serverless computing, developers only provide function code to serverless platform, and these functions are invoked by its driven events. Nonetheless, security threats in serverless computing such as vulnerability -based security threats have become the pain point hindering its wide adoption. The ideas in proactive defense such as redundancy, diversity and dynamic provide promising approaches to protect against cyberattacks. However, these security technologies are mostly applied to serverless platform based on "stacked" mode, as they are designed independent with serverless computing. The lack of security consideration in the initial design makes it especially challenging to achieve the all life cycle protection for serverless application with limited cost. In this paper, we present ATSSC, a proactive defense enabled attack tolerant serverless platform. ATSSC integrates the characteristic of redundancy, diversity and dynamic into serverless seamless to achieve high-level security and efficiency. Specifically, ATSSC constructs multiple diverse function replicas to process the driven events and performs cross -validation to verify the results. In order to create diverse function replicas, both software diversity and environment diversity are adopted. Furthermore, a dynamic function refresh strategy is proposed to keep the clean state of serverless functions. We implement ATSSC based on Kubernetes and Knative. Analysis and experimental results demonstrate that ATSSC can effectively protect serverless computing against cyberattacks with acceptable costs.