Top

Published in:

2014 | OriginalPaper | Chapter

1. Attacks in Public Clouds: Can They Hinder the Rise of the Cloud?

Authors : Saeed Shafieian, Mohammad Zulkernine, Anwar Haque

Published in: Cloud Computing

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Since the advent of Cloud Computing, security has been one of the main barriers to the adoption of the Cloud paradigm, especially by large organizations dealing with customers’ sensitive information. The rapid growth of the Cloud has made it a desirable attack target for both external attackers and malicious insiders. Many of the security attacks that occur in non-Cloud environments can occur in the Cloud as well, but some of those may be exacerbated, and some may remain unaffected in the new Cloud paradigm. There are also new threats that have arisen, and Cloud users now face Cloud-specific attacks that did not exist or rarely occurred in traditional environments. In this chapter, we discuss attacks that are exacerbated by exploitation of the multi-tenancy attribute in public Clouds that occur because of the virtualization technology or are due to the pay-as-you-go model in the Cloud. We discuss some of the most common threats and attacks with respect to the Cloud attribute exploitations which are capable of exacerbating attacks by causing more potential consequences, or making detection and prevention mechanisms more challenging. We also assess the attacks to find out how they may affect confidentiality, integrity, and availability of data and services for Cloud users. Being aware of the threats to the Cloud may help organizations and individuals have a more informed switch to the Cloud from their non-Cloud environments. This will also keep up the rise of the Cloud.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

next chapter Distributed Database Management Systems: Architectural Design Choices for the Cloud

Amazon Web Services (AWS) (n.d.) Case studies. https://aws.amazon.com/solutions/case-studies. Accessed 2 Sept 2014

Cloud Security Alliance (Feb 2013) The notorious nine—cloud computing top threats in 2013. https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf. Accessed 2 Sept 2014

Internet Data Corporation (IDC) (15 Dec 2009) New IDC IT cloud services survey: top benefits and challenges. http://blogs.idc.com/ie/?p=730. Accessed 2 Sept 2014

Mell P, Grance T (Sept 2011) The NIST definition of cloud computing. National Institute of Standards and Technology (NIST), Gaithersburg. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf. Accessed 2 Sept 2014

Grosse EH, Howie J, Ransome J, Reavis J, Schmidt S (2010) Cloud computing roundtable. IEEE Secur Priv 8(6):17–23CrossRef

Hwang K, Kulkareni S, Hu Y (2009) Cloud security with virtualized defense and reputation-based trust management. In: Yang B, Zhu W, Dai Y, Yang LT, Ma J (eds) Proceedings of the 8th IEEE international symposium on dependable, autonomic and secure computing (DASC ’09), Chengdu, 12–14 Dec 2009. IEEE Computer Society, Los Alamitos, pp 717–722CrossRef

Ma X (2012) Security concerns in cloud computing. Proceedings of the 2012 fourth international conference on computational and information sciences (ICCIS 2012), Chongqing, 17–19 Aug 2012, pp 1069–1072

Subashini S Kavitha V (2011) A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 34(1):1–11. (Elsevier, January 2011)CrossRef

You P, Peng Y, Liu W, Xue S (2012) Security issues and solutions in cloud computing. Proceedings of the 32nd international conference on distributed computing systems workshops (ICDCSW), Macau, 18–21 June 2012, pp 573–577

10.

Jensen M, Schwenk J, Gruschka N, Iacono LL (2009) On technical security issues in cloud computing. Proceedings of the 2009 IEEE international conference on cloud computing (CLOUD ’09), Bangalore, 21–25 Sept 2009, pp 109–116

11.

Dawoud W, Takouna I, Meinel C (2010) Infrastructure as a service security: challenges and solutions. Proceedings of the 7th international conference on informatics and systems (INFOS), Giza, 28–30 March 2010, pp 1–8

12.

Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69–73CrossRef

13.

Sabahi F (2011) Cloud computing security threats and responses. Proceedings of the IEEE 3rd international conference on communication software and networks (ICCSN), Xi’an, 27–29 May 2011, pp 245–249

14.

Zhou M, Zhang R, Xie W, Qian W, Zhou A (2010) Security and privacy in cloud computing: a survey. Proceedings of the 6th international conference on semantics knowledge and grid (SKG), Ningbo, 1–3 Nov, pp 105–112

15.

Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comp Sy 28(3):583–592CrossRef

16.

Shue CA, Lagesse B (2011) Embracing the cloud for better cyber security. Proceedings of the 8th IEEE international workshop on middleware and system support for pervasive computing, Seattle, 21–25 March, pp 245–250

17.

Chaves S, Westphall C, Westphall C, Geronimo G (2011) Customer security concerns in cloud computing. Proceedings of the tenth international conference on networks (ICN 2011), St. Maarten, 23–28 Jan, pp 7–11

18.

Takabi H, Joshi JB, Ahn GJ (2010) Security and privacy challenges in cloud computing environments. IEEE Secur Priv 8(6)24–31CrossRef

19.

Behl A (2011) Emerging security challenges in cloud computing: an insight to cloud security challenges and their mitigation. Proceedings of the 2011 world congress on information and communication technologies (WICT), Mumbai, 11–14 Dec, pp 217–222

20.

Behl A, Behl K (2012) Security paradigms for cloud computing. Proceedings of the fourth international conference on computational intelligence, communication systems and networks (CICSyN), Phuket, 24–26 July, pp 200–205

21.

Pearson S, Benameur A (2010) Privacy, security and trust issues arising from cloud computing. Proceedings of the 2nd IEEE international conference on cloud computing technology and science (CloudCom), Indianapolis, 30 Nov–3 Dec, pp 693–702

22.

Tripathi A, Mishra A (2011) Cloud computing security considerations. Proceedings of the IEEE International conference on signal processing, communications and computing (ICSPCC), Xi’an, 14–16 Sept, pp 1–5

23.

Sengupta S, Kaulgud V, Sharma VS (2011) Cloud computing security—trends and research directions. Proceedings of the IEEE world congress on services (SERVICES), Washington DC, 4–9 July, pp 524–531

24.

Tianfield H (2012) Security issues in cloud computing. Proceedings of the IEEE international conference on systems, man, and cybernetics (SMC), Seoul, 14–17 Oct, pp 1082–1089

25.

Bouayad A, Blilat A, Mejhed NEH, Ghazi ME (2012) Cloud computing: security challenges. Proceedings of the colloquium on information science and technology (CIST), Fez, 22–24 Oct, pp 26–31

26.

Gruschka N Jensen M (2010) Attack surfaces: a taxonomy for attacks on cloud services. Proceedings of the 3rd IEEE international conference on cloud computing (CLOUD’10), Heidelberg, 5–10 July, pp 276–279

27.

Srinivasan MK, Sarukesi K, Rodrigues P, Manoj MS, Revathy P (2012) State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment. Proceedings of the international conference on advances in computing, communications and informatics (ICACCI ’12), Chennai, 3–5 Aug, pp 470–476

28.

Chow R, Golle P, Jakobsson M, Shi E, Staddon J, Masuoka R, Molina J (2009) Controlling data in the cloud: outsourcing computation without outsourcing control. Proceedings of the 2009 ACM workshop on cloud computing security (CCSW’09), Chicago, 13 Nov, pp 85–90

29.

Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud computing vulnerabilities. IEEE Secur Priv 9(2):50–57.CrossRef

30.

Sen J (2013) Security and privacy issues in cloud computing. arXiv:1303.4814 [cs.CR]

31.

Molnar D, Schechter S (2010) Self hosting vs. cloud hosting: accounting for the security impact of hosting in the cloud. Proceedings of the ninth workshop on the economics of information security (WEIS 2010), Harvard University, 7–8 June

32.

Shahriar H (Nov 2011) Mitigation of web-based program security vulnerability exploitations. PhD thesis, Queen’s University, Canada

33.

Douligeris C, Mitrokotsa A (2004) DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput Netw 44(5):643–666CrossRef

34.

Roschke S, Cheng F, Meinel C (2009) Intrusion detection in the cloud. In: Yang B, Zhu W, Dai Y, Yang LT, Ma J (eds) Proceedings of the 8th IEEE international symposium on dependable, autonomic and secure computing (DASC ’09), Chengdu, 12–14 Dec 2009. IEEE Computer Society, Los Alamitos, pp 729–734

35.

Mirkovic J, Reiher P (2004) A taxonomy of DDoS attack and DDoS defense mechanisms. Comp Comm R 34(2):39–53.CrossRef

36.

Bakshi A, Yogesh B (2010) Securing cloud from DDOS attacks using intrusion detection system in virtual machine. Proceedings of the second international conference on communication software and networks (ICCSN’10), Singapore, 26–28 Feb, pp 260–264

37.

Yu S, Tian Y, Guo S, Wu DO (2014) Can we beat DDOS attacks in clouds? IEEE T Parall Distr 25(9):2245–2254CrossRef

38.

Song DX, Wagner D, Tian X, (2001) Timing analysis of keystrokes and timing attacks on SSH. Proceedings of the 10th USENIX security symposium, Washington DC, 13–17 Aug

39.

Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Proceedings of the 16th ACM conference on computer and communications security (CCS’09), Chicago, 9–13 Nov, pp 199–212

40.

Osvik DA, Shamir A, Tromer E (2006) Cache attacks and countermeasures: the case of AES. In: Pointcheval D (ed) Proceedings of the RSA conference cryptographers track (CT-RSA 2006), 13–17 Feb. Lecture notes in computer science, vol 3860. Springer, Berlin, pp 1–20

41.

Percival C (2005) Cache missing for fun and profit. Proceedings of BSDCan 2005, Ottawa, 13–14 May

42.

Zhang Y, Juels A, Reiter MK, Ristenpart T (2012) Cross-VM side channels and their use to extract private keys. Proceedings of the 2012 ACM conference on computer and communications security (CCS’12), Raleigh, 16–18 Oct, pp 305–316

43.

Zhang Y, Juels A, Oprea A, Reiter MK, (2011) HomeAlone: co-residency detection in the cloud via side-channel analysis. Proceedings of the 2011 IEEE symposium on security and privacy (SP), Oakland, 22–25 May, pp 313–328

44.

Godfrey M, Zulkernine M (2013) A server-side solution to cache-based side-channel attacks in the cloud. Proceedings of the IEEE 6th international conference on cloud computing, Santa Clara, 28 June–3 July, pp 163–170

45.

Cloud Security Alliance (2010) Top threats to cloud computing V1.0. Cloud Security Alliance, Singapore

46.

XenAccess (n.d.) XenAccess library. https://code.google.com/p/xenaccess. Accessed 2 Sept 2014

47.

Duncan A, Creese S, Goldsmith M (2012) Insider attacks in cloud computing. Proceedings of the IEEE 11th international conference on trust, security and privacy in computing and communications (TrustCom), Liverpool, 25–27 June, pp 857–862

48.

Santos N, Gummadi KP, Rodrigues R (2009) Towards trusted cloud computing. Proceedings of HotCloud’09, San Diego, 15 June, article no 3

49.

Zhou F, Goel M, Desnoyers P, Sundaram R (2011) Scheduler vulnerabilities and coordinated attacks in cloud computing. Proceeding of the 10th IEEE international symposium on network computing and applications (NCA), Cambridge, 25–27 Aug, pp 123–130

50.

Wei J, Zhang X, Ammons G, Bala V, NingRaleigh P (2009) Managing security of virtual machine images in a cloud environment. Proceeding of the 2009 ACM workshop on cloud computing security (CCSW’09), Chicago, 13 Nov, pp 91–96

51.

Garfinkel T Rosenblum M (2005) When virtual is harder than real: security challenges in virtual machine based computing environments. Proceeding of the 10th workshop on hot topics in operating systems (HotOS’5), Santa Fe, June

52.

Pearson S (2012) Privacy, security and trust in cloud computing. In: Pearson S, Yee G (eds) Privacy and security for cloud computing. Springer, London, pp 3–42

53.

Balduzzi M, Zaddach J, Balzarotti D, Kirda E, Loureiro S (2012) A security analysis of amazon’s elastic compute cloud service. Proceedings of the 27th annual ACM symposium on applied computing (SAC ’12), Riva del Garda, 26–30 March, pp 1427–1434

54.

Oberheide J, Cooke E, Jahanian F (2008) Empirical exploitation of live virtual machine migration. Proceedings of the Black Hat DC Briefings, Washington DC, 18–21 Feb

55.

Varadarajan V, Kooburat T, Farley B, Ristenpart T, Swift MM (2012) Resource-freeing attacks: improve your cloud performance (at your neighbor’s expense). Proceeding of the 2012 ACM conference on computer and communications security (CCS’12), Raleigh, 16–18 Oct, pp 281–292

56.

Idziorek J, Tannian M, Jacobson D (2011) Detecting fraudulent use of cloud resources. Proceedings of the 3rd ACM workshop on cloud computing security workshop (CCSW’11), Chicago, 17–21 Oct, pp 61–72

57.

Hoff C (2008) Cloud computing security: from DDoS (distributed denial of service) to EDoS (economic denial of sustainability). http://www.rationalsurvivability.com/blog/?p=66. Accessed 2 Sept 2014

58.

Sqalli MH, Al-Haidari F, Salah K (2011) EDoS-Shield—a two-steps mitigation technique against edos attacks in cloud computing. Proceedings of the fourth IEEE international conference on utility and cloud computing (UCC), Victoria, 5–8 Dec, pp 49–56

Title: Attacks in Public Clouds: Can They Hinder the Rise of the Cloud?
Authors: Saeed Shafieian
Mohammad Zulkernine
Anwar Haque
Publisher: Springer International Publishing
Book: Cloud Computing
Print ISBN: 978-3-319-10529-1

Electronic ISBN: 978-3-319-10530-7

Copyright Year: 2014
DOI: https://doi.org/10.1007/978-3-319-10530-7_1

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner