Attack Vector: Application DDoS
Quick review of Netflix article . Application DDoS There is a blogpost on Netflix which describes a new attack vector called Application DDoS. While traditional DDoS attacks rely on causing heavy network traffic to overload a system, application DDoS relies on heavy computation to bring down a microservice architecture. Let's start with how this is suppose to work. In a microservice architecture, you have a network of microservices that rely on each other. Calling one service can lead to that service calling multiple other services that call other services. This gives attackers the ability to make one request that actually makes many many more internal requests. By leveraging this idea, they can amplify their attack on the system. a single request in a microservices architecture may generate tens of thousands of complex middle tier and backend service calls This attack cannot be stopped by a traditional firewall because it may not know that the initial request is causing