This thesis explores, from both a systems and security perspective, a relatively new serverless cloud computing model that runs on stateless container invocations. This thesis demonstrates that the responsiveness, concurrency, and cost of the serverless cloud computing model, on the one hand, enables making design decisions that were not possible before, yet on the other hand, introduces security vulnerabilities that potentially increase the attack surface due to a high probability of achieving co-residence.
This thesis extends a serverless video processing framework for the cloud, Sprocket, that takes advantage of the container computing model in its design in order to provide runtime performance, resource efficiency, and a highly configurable developing environment. Sprocket demonstrates all three qualities when running both a facial recognition and streaming video pipeline. Sprocket can be configured to process a 30-minute video 1000-way parallel in under a minute for less than $1. This thesis also presents an increased attack surface in the container service that Sprocket runs on, AWS Lambda, and shows how to detect co-resident containers on physical machines across victim and adversary accounts. Co-residency is achieved in three unique Amazon data centers, with as many as 30 co-resident containers during one 30-second “attack.” This thesis demonstrates that the scalability of the serverless cloud computing model, in particular, inherently increases the probability of co-residency and that existing mitigations for co-residency must be re-evaluated.