Securing microservices against password guess attacks using hardware performance counters
Date
Journal Title
Journal ISSN
Volume Title
Publisher
YU Faculty Profile
Abstract
Modern customer-facing applications need to be easy to use, localizable, and to scale out to serve large customer bases. Microservice architectures have the potential to decentralize functionality, improve flexibility, and provide faster time to market of incremental changes. However, applications implemented as microservices also have a larger surface area, which may make them more prone to cyber attacks. Modern operating systems provide performance counters which are tamper-resistant, and can be used to track the run-time behavior of applications. In this work, we aim to detect a password guess attack on microservice using performance counter data. Our approach consists of modelling behavior of normal and attack user login requests, identification of key performance counters that effectively distinguish these requests and developing a machine learning model that classifies unknown login requests. A fully connected neural network-based classification model gave us 98.3% test accuracy in detecting the attacks with a false negative rate of 1.6%.