Distributed Denial of Wallet Attack on Serverless Pay-as-you-go Model

Abstract

The serverless pay-as-you-go model in the cloud enables payment of services during execution and resources used at the smallest, most granular level, as was the initial idea when setting the foundations and concepts of the pay-as-you-go model in the cloud. The disadvantage of this method of payment during execution and the resources used is that it is subject to financial damage if we have an attack on serverless services. This paper defines notions for three types of attacks that can cause financial damage to the serverless pay-as-you-go model and are experimentally validated. The first attack is Blast DDoW - Distributed Denial of Wallet, the second attack is Continual Inconspicuous DDoW, and the third one is Background Chained DDoW. We discussed financial damages and the consequences of each type of attack.