How to classificate the Denial of Wallet
attacks.
This journal talks about the classification of the denial of wallet attacks that happen on
serverless application traffic. And how the attacks can affect the people in the world. I will try to
explain how they affect and different nets we use to protect the people.
For the topic that relates to the principles of social sciences, I think it talks about
how people make serverless functions that can target discrete tasks. The reason for this to to
find the information they want and they can take it without people knowing. They can do this to
people they don’t like or companies they don’t like.
Next, the research in question or hypothesis I think would be how they mitigate
techniques when it comes to DoS attacks. They write functions that can perform discrete target
tasks, timeout limits, set limits on disk usage, set throttling on APIP calls if requested, enforce
proper access, and it can use APIs, models, and libraries. I find this odd how does this help
against or does it help with DoS attacks because it sounds like it helps with DoS attacks. I find
this very odd when reading this.
For the methods used, I think they use different ones when explaining how they research
it. They talk about different attacks. They talk about how a Serverless attack surface happens
which starts with creating a URL link while others have to use AWS to link a function that leads
to an API Gateway. But it is a way to get to the endpoint which could execute a function that
could lead to an attack that the BoW could manifest. This attack can use vulnerabilities that
target the APIs. These attacks can flood the API endpoints to the point that requests start to
drive the cost up. This is used to teach developers who are in training and to teach them how to
deal with it. And they get to learn how to fix the problem and how to deal with it. And with this
research, they show the people date by dealing with it hands-on and show how to fix the
problem on the spot.
I will be talking about the data and analysis done for the data. To me, there is a good one
they did to show for data which is the SqeezeNet. They talk about how the SqeezeNet has
60.4% top-1 classification accuracy when it comes to the ImageNet dataset. They mainly use
three following strategies. First, they have to replace 3×3 filters with the 1×1 filters. Next, they
had to decrease the number of inputs that go into the 3×3 filters. Finally, they had to
downsample the late that was in the network so that it could convolution the layers then which
would have a large activation. When they did this it was on a 510x smaller scale compared to
the AlexNet. They were able to get data doing this this way. They did other text but they don’t
show steps like this did with the SqeezeNet. They did a test with the xception which they did a
kernel mapping cross channel then they did another test with MobileNet which was networks
with shortcut connections.
I think this relates to the PowerPoint because it shows how we try to protect people
when it comes to the online world. It shows how we do tests and find ways to fix it if there is a
problem.
As the challenge, I would say is finding the problem. We do test with different times of
net that it can take some time to understand the problem and explain how to fix it then actually
fix the problem. To me that would take some time to fix.
To me how this would contribute to society would be how we can fix the problems with
the Denial of Wallet attacks on the serverless application traffic. We have different net that can
detect them and show how we can fix them if we can fix them that is how I see how it would
help society. If the problem gets fixed or patched then those people will be protected for a while
until the problem arises again then people will come out with a new patch which would have to
be downloaded and the cycle will go.
Work Cited
Kelly, D., Glavin, F. G., & Barrett, E. (2024, March 23). Downet-classification of
denial-of-wallet attacks on serverless application traffic. OUP Academic.
https://academic.oup.com/cybersecurity/article/10/1/tyae004/7634012?searchresult=1