This paper demonstrates that untrusty external programs executed by servers can damage local computers by abusing authorized access to resources. Experiments show the web server throughput lowers 5% to 81% under the file cache abuse by malicious CGI. Therefore we propose the defence system against file cache abuse. This system vitimizes monopolized file caches actively, and marks down the scheduling priority of the abuser process. In experiments, our system keeps the throughput degradation more than 90% while the server still holds file caches. But when the server loses all its caches, our system keeps the degradation only 15%, because both of victimizing monopolized caches and low scheduling does not work well. We need to improve them.
展开▼
