Adversarial exploits of end-systems adaptation dynamics

Internet end-systems employ various adaptation mechanisms that enable them to respond adequately to legitimate requests in overload situations. Today, these mechanisms are incorporated in most scalable end-systems through the use of one or more component subsystems such as admission controllers, traffic shapers, content transcoders, QoS Controllers, and load balancers. While the design of these components has been heavily investigated and significantly fine-tuned for efficiency and scalability purposes, the security implication of the adaptation mechanisms used in these components has not been on the radar to system designers. To that end, this paper exposes adversarial exploits of the dynamics that result from the adaptive nature of these components. We show that a well orchestrated Reduction of Quality (RoQ) attack could induce significant inefficiencies or reduce the service quality of end-systems, without resorting to brute-force Denial-of-Service (DoS) exploits that target the limited steady-state capacity of these end-systems. We present a general analytical framework that captures the effect of RoQ exploits on the underlying optimization process of the adaptation mechanisms. Using detailed models, we instantiate this general framework for some of the aforementioned end-system adaptation mechanisms, focusing on admission controllers and load balancers. Our exposition is supported with numerical solutions of analytical models, which are validated using results from detailed simulations, and measurements from real Internet experiments performed in our lab. (c) 2006 Elsevier Inc. All rights reserved.