In the last several years, an increasing number of attacks targeting services running on computing systems have been designed and deployed. Such attacks typically tend to overuse some of the system resources, e.g., CPU, memory, or storage. Current solutions are attack specific, i.e., they are designed for a specific malware or a specific set of malware that share the same resource usage profile and are mainly based on the underlying hypothesis that it is possible to measure the amount of resources used by each service under control. Such possibility is clearly available within modern operating systems, but using such measuring tools is nontrivial and limits their applicability. The advent of user-level virtualization systems may change this attitude. In this paper, we propose and validate a methodology for simplifying the measurements of resources used by a software service. Our approach uses the isolation properties of a containerized virtualization system in order to properly measure all the resources used by a specific service, even if it splits itself into different workers. At the same time, using the resource limitation functionalities provided by the virtualization system, we propose a methodology that can be used to limit the effects of malware by limiting the amount of resources that can be accessed on a system. In order to demonstrate the effectiveness of our approach, we consider the specific case of attacks targeting the overuse of power consumption.

An Effective Methodology for Measuring Software Resource Usage / Catuogno, Luigi; Galdi, Clemente; Pasquino, Nicola. - In: IEEE TRANSACTIONS ON INSTRUMENTATION AND MEASUREMENT. - ISSN 0018-9456. - 67:10(2018), pp. 2487-2494. [10.1109/TIM.2018.2815431]

An Effective Methodology for Measuring Software Resource Usage

Luigi Catuogno;Clemente Galdi
;
Nicola Pasquino
2018

Abstract

In the last several years, an increasing number of attacks targeting services running on computing systems have been designed and deployed. Such attacks typically tend to overuse some of the system resources, e.g., CPU, memory, or storage. Current solutions are attack specific, i.e., they are designed for a specific malware or a specific set of malware that share the same resource usage profile and are mainly based on the underlying hypothesis that it is possible to measure the amount of resources used by each service under control. Such possibility is clearly available within modern operating systems, but using such measuring tools is nontrivial and limits their applicability. The advent of user-level virtualization systems may change this attitude. In this paper, we propose and validate a methodology for simplifying the measurements of resources used by a software service. Our approach uses the isolation properties of a containerized virtualization system in order to properly measure all the resources used by a specific service, even if it splits itself into different workers. At the same time, using the resource limitation functionalities provided by the virtualization system, we propose a methodology that can be used to limit the effects of malware by limiting the amount of resources that can be accessed on a system. In order to demonstrate the effectiveness of our approach, we consider the specific case of attacks targeting the overuse of power consumption.
2018
An Effective Methodology for Measuring Software Resource Usage / Catuogno, Luigi; Galdi, Clemente; Pasquino, Nicola. - In: IEEE TRANSACTIONS ON INSTRUMENTATION AND MEASUREMENT. - ISSN 0018-9456. - 67:10(2018), pp. 2487-2494. [10.1109/TIM.2018.2815431]
File in questo prodotto:
File Dimensione Formato  
2018_An_Effective_Methodology_for_Measuring_Software_Resource_Usage.pdf

solo utenti autorizzati

Tipologia: Versione Editoriale (PDF)
Licenza: Accesso privato/ristretto
Dimensione 1.24 MB
Formato Adobe PDF
1.24 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11588/710581
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 11
social impact