Empirical observation of Execution Throttling as MQTT Broker defense against Memory Denial of Service Attacks

Resumo

Besides the powerful servers and large software-as-a-service platforms, cloud computing is now also hosting Internet of Things (IoT) related services. This way, a flag is raised on the possible repercussions of usual cloud threats in IoT environments. In this context, Memory Denial of Service (MemDoS) appears as a potential IoT threat. This paper presents an empirical observation of applying execution throttling as a defense for an IoT messaging application (i.e., MQTT) hosted in a virtualized environment. We perform a set of experiments varying the intensity of the execution throttling to shed light on the defensive effects of such an approach. The obtained results confirm that the execution throttling is useful to defend against MemDoS. The final results show that a limitation of 95% of CPU for the attacker VM produces a reduction of 92% in the MemDoS effect.