DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service

Wenting Li; Qingni Shen; Chuntao Dong; Yahui Yang; Zhonghai Wu

doi:10.5220/0005741801460156

DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service

Wenting Li, Qingni Shen, Chuntao Dong, Yahui Yang, Zhonghai Wu

2016

Abstract

Distributed denial-of-service (DDoS) attack continues to grow as a threat to organizations worldwide. This attack is used to consume the resources of the target machine and prevent the legitimate users from accessing them. This paper studies the vulnerabilities of Health Check Service in Hadoop/YARN and the threat of denial-of-service to a YARN cluster with multi-tenancy. We use theoretical analysis and numerical simulations to demonstrate the effectiveness of this DDoS attack based on health check service (DDHCS). Our experiments show that DDHCS is capable of causing significant impacts on the performance of a YARN cluster in terms of high attack broadness (averagely 85.6%), high attack strength (more than 80%) and obviously resource utilization degradation. In addition, some novel schemes are proposed to prevent DDHCS attack efficiently by improving the YARN security.

Download

Paper Citation

in Harvard Style

Li W., Shen Q., Dong C., Yang Y. and Wu Z. (2016). DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 146-156. DOI: 10.5220/0005741801460156

in Bibtex Style

@conference{icissp16,
author={Wenting Li and Qingni Shen and Chuntao Dong and Yahui Yang and Zhonghai Wu},
title={DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={146-156},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005741801460156},
isbn={978-989-758-167-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service
SN - 978-989-758-167-0
AU - Li W.
AU - Shen Q.
AU - Dong C.
AU - Yang Y.
AU - Wu Z.
PY - 2016
SP - 146
EP - 156
DO - 10.5220/0005741801460156