SaaS Infrastructure as a Means of DDoS-amplification

• Main Author: Denis Nikolaevich Makrushin
• Format: Article
• Language: English
• Published: Moscow Engineering Physics Institute 2014-05-01
• Series: Bezopasnostʹ Informacionnyh Tehnologij
• Subjects: load testing; performance testing; distributed denial of services; DDoS; dos; stress testing
• Online Access: https://bit.mephi.ru/index.php/bit/article/view/217

Any online project – be it a long-lost blog, or a new start-up’s web app – has a very important performance feature called a “maximum load”. This indicator makes itself known when a web app either partially or fully fails to perform its assigned functions to process user requests. For some owners, this may mean losing a portion of their blog-reading audience, and for others, it may mean the loss of clients who opt for a product from a competitor whose online store is up and running. Each online resource has its own maximum load when it comes to the number of user requests it can process at any one time. That’s why developers and web app owners devote special attention to load procedures and stress tests. Load testing services today are useful, but sometimes the way they are set up leaves a loophole that malicious users can take advantage of.