[medium.com/netflix-techblog] Starting the Avalanche

October 19, 2017

We’d like to introduce you to one of the most devastating ways to cause service instability in modern micro-service architectures: application DDoS. A specially crafted application DDoS attack can cause cascading system failures often for a fraction of the resources needed to conduct a more traditional DDoS attack. This is due to the complex, interconnected relationships between applications. Traditional DDoS attacks focus on exhausting system resources at the network level. In contrast, application layer attacks focus on expensive API calls, using their complex interconnected relationships to cause the system to attack itself — sometimes with a massive effect. In a modern microservice architecture this can be particularly harmful. A sophisticated attacker could craft malicious requests that model legitimate traffic and pass through edge protections such as a web application firewall (WAF).

Read the full article at: medium.com