Bambda: A Framework for Preventing Function Invocation Condition-Based Attacks in Serverless Environments 


Vol. 14,  No. 4, pp. 215-223, Apr.  2025
https://doi.org/10.3745/TKIPS.2025.14.4.215


  Abstract

Serverless computing is rapidly emerging as a new paradigm in cloud computing, offering automatic scalability, cost efficiency, and ease of operation. However, its two core characteristics—IAM-based privilege management and event-driven execution—can introduce security vulnerabilities. In particular, complex inter-functional call relationships make serverless applications susceptible to attacks such as privilege bypass and event trigger exploitation. Existing approaches, including static analysis and data tagging, have limitations in real-time threat response and developer productivity in dynamic serverless environments. In this paper, we propose Bambda, a dynamic security framework tailored for serverless environments. Bambda performs real-time function call verification through centralized logging and automated code injection using AWS CloudWatch. By implementing a multi-step verification process that distinguishes between direct and event-driven calls, Bambda effectively prevents bypass attacks without requiring additional security configurations from developers. Experiments in AWS Lambda environments validate its effectiveness in defending against privilege escalation and chained function call attacks while maintaining practical performance overhead.


  Cite this article

[IEEE Style]

S. C. Hee and L. S. Soo, "Bambda: A Framework for Preventing Function Invocation Condition-Based Attacks in Serverless Environments," The Transactions of the Korea Information Processing Society, vol. 14, no. 4, pp. 215-223, 2025. DOI: https://doi.org/10.3745/TKIPS.2025.14.4.215.

[ACM Style]

Shin Chang Hee and Lee Seung Soo. 2025. Bambda: A Framework for Preventing Function Invocation Condition-Based Attacks in Serverless Environments. The Transactions of the Korea Information Processing Society, 14, 4, (2025), 215-223. DOI: https://doi.org/10.3745/TKIPS.2025.14.4.215.