A data center is a facility that houses computer systems and various networking, storage, and other related components. Data centers may, for example, provide computing services to businesses and individuals as a remote computing service or provide infrastructure, platforms, or software as a service. To facilitate the utilization of data center resources, virtualization technologies may allow a single physical computing machine to host one or more instances of virtual machines that appear and operate as independent computer machines to a connected computer user. With virtualization, the single physical computing device can create, maintain, or delete virtual machines in a dynamic manner.
In a large distributed computing system (e.g., multiple distributed data centers) of a computing resource service provider, various customers, users, services, and resources of the computing resource service provider are in frequent communication with each other. Balancing customer access to the computing resources and keeping the system secure becomes more challenging as the complexity and usage of the system increases. In such distributed computing systems, it can be difficult to identify the vulnerabilities of the system. Furthermore, it can also be difficult to isolate and troubleshoot issues with the system, and even when issues are identified, reliably distributing the resources of the system may be challenging. Additionally, many conventional systems rely upon manual mitigation of toxic traffic and exhaustion of computing resources.
Providing remote services in a cost-effective manner can be challenging. For instance, a computing resource service provider can use the same hardware to support multiple resources. While, on average, the hardware may be able to support the resource usage demand of multiple customers, there can be points at which overloading occurs, such as when multiple virtual machines simultaneously have increased utilization of limited hardware resources. The computing resources that provide services to customers may employ various techniques to protect the computing resources from an overwhelming number of service requests that could potentially overload the computing resources. In general, a computing resource, such as a physical host, is considered to be in an “overloaded” state if it is not able to provide a defined level of capacity for at least some measure of capacity (e.g., CPU cycles, network bandwidth, latency, etc.) for at least some portion of customer requests it receives. Furthermore, different hardware and software configurations of the computing resources used to provide remote program execution and remote data storage may affect performance and degradation of the computing resources during intervals of heavy utilization. It may be difficult for the computing resource service provider to determine customers, attackers, or traffic patterns causing heavy resource utilization.