DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service
Wenting Li, Qingni Shen, Chuntao Dong, Yahui Yang, Zhonghai Wu
2016
Abstract
Distributed denial-of-service (DDoS) attack continues to grow as a threat to organizations worldwide. This attack is used to consume the resources of the target machine and prevent the legitimate users from accessing them. This paper studies the vulnerabilities of Health Check Service in Hadoop/YARN and the threat of denial-of-service to a YARN cluster with multi-tenancy. We use theoretical analysis and numerical simulations to demonstrate the effectiveness of this DDoS attack based on health check service (DDHCS). Our experiments show that DDHCS is capable of causing significant impacts on the performance of a YARN cluster in terms of high attack broadness (averagely 85.6%), high attack strength (more than 80%) and obviously resource utilization degradation. In addition, some novel schemes are proposed to prevent DDHCS attack efficiently by improving the YARN security.
DownloadPaper Citation
in Harvard Style
Li W., Shen Q., Dong C., Yang Y. and Wu Z. (2016). DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 146-156. DOI: 10.5220/0005741801460156
in Bibtex Style
@conference{icissp16,
author={Wenting Li and Qingni Shen and Chuntao Dong and Yahui Yang and Zhonghai Wu},
title={DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={146-156},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005741801460156},
isbn={978-989-758-167-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service
SN - 978-989-758-167-0
AU - Li W.
AU - Shen Q.
AU - Dong C.
AU - Yang Y.
AU - Wu Z.
PY - 2016
SP - 146
EP - 156
DO - 10.5220/0005741801460156