1 research outputs found
Recommended from our members
RDDR : n-versioning of microservices
N-versioning is a well-studied method to increase the reliability of software. In this paper, we study n-versioning as applied to microservice-based applications. We construct a generic proxy called RDDR that orchestrates and monitors N variants of a microservice in order to detect bugs that make them behave differently. We showcase RDDR's ability to close five exemplary information leaks, where diversity is derived from: different software versions, different implementations of the same logical service, and variation provided by the OS like ASLR. These case studies feature information leakage through both frontend and backend interfaces of various web applications. To show that RDDR can close vulnerabilities while handling large volumes of benign tra ffic, we also apply RDDR to components of GitLab, a complex cloud application. Finally, we quantify the performance overhead associated with deploying RDDR. Our findings indicate that RDDR can patch information leaks while incurring approximately 3x CPU and memory overhead for a deployment with 3 redundant instances as expected, with modest impact to throughput and latency.Electrical and Computer Engineerin