Skip to main content
Top

2016 | OriginalPaper | Chapter

Attacks in the Resource-as-a-Service (RaaS) Cloud Context

Authors : Danielle Movsowitz, Orna Agmon Ben-Yehuda, Assaf Schuster

Published in: Distributed Computing and Internet Technology

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The Infrastructure-as-a-Service (IaaS) cloud is evolving towards the Resource-as-a-Service (RaaS) cloud: a cloud which requires economic decisions to be taken in real time by automatic agents. Does the economic angle introduce new vulnerabilities? Can old vulnerabilities be exploited on RaaS clouds from different angles? How should RaaS clouds be designed to protect them from attacks? In this survey we analyze relevant literature in view of RaaS cloud mechanisms and propose directions for the design of RaaS clouds.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Footnotes
1
CloudSigma’s Pricing https://​www.​cloudsigma.​com/​pricing/​, accessed October 2015.
 
Literature
1.
go back to reference Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The resource-as-a-service (RaaS) cloud. In: USENIX Conference on Hot Topics in Cloud Computing (HotCloud) (2012) Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The resource-as-a-service (RaaS) cloud. In: USENIX Conference on Hot Topics in Cloud Computing (HotCloud) (2012)
2.
go back to reference Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: Deconstructing Amazon EC2 spot instance pricing. ACM Trans. Econ. Comput. 1(3), 16:1–16:20 (2013)CrossRef Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: Deconstructing Amazon EC2 spot instance pricing. ACM Trans. Econ. Comput. 1(3), 16:1–16:20 (2013)CrossRef
3.
go back to reference Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The rise of RaaS: the resource-as-a-service cloud. Commun. ACM 57(7), 76–84 (2014)CrossRef Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The rise of RaaS: the resource-as-a-service cloud. Commun. ACM 57(7), 76–84 (2014)CrossRef
4.
go back to reference Agmon Ben-Yehuda, O., Posener, E., Ben-Yehuda, M., Schuster, A., Mu’alem, A.: Ginseng: market-driven memory allocation. ACM SIGPLAN Not. 49(7), 41–52 (2014)CrossRef Agmon Ben-Yehuda, O., Posener, E., Ben-Yehuda, M., Schuster, A., Mu’alem, A.: Ginseng: market-driven memory allocation. ACM SIGPLAN Not. 49(7), 41–52 (2014)CrossRef
5.
go back to reference Caron, E., Cornabas, J.R.: Improving users’ isolation in IaaS: virtual machine placement with security constraints. In: IEEE International Conference on Cloud Computing (CLOUD), pp. 64–71 (2014) Caron, E., Cornabas, J.R.: Improving users’ isolation in IaaS: virtual machine placement with security constraints. In: IEEE International Conference on Cloud Computing (CLOUD), pp. 64–71 (2014)
6.
go back to reference Clarke, E.H.: Multipart pricing of public goods. Public Choice 11(1), 17–33 (1971)CrossRef Clarke, E.H.: Multipart pricing of public goods. Public Choice 11(1), 17–33 (1971)CrossRef
7.
go back to reference Dolgikh, A., Birnbaum, Z., Chen, Y., Skormin, V.: Behavioral modeling for suspicious process detection in cloud computing environments. In: IEEE International Conference on Mobile Data Management (MDM), vol. 2, pp. 177–181 (2013) Dolgikh, A., Birnbaum, Z., Chen, Y., Skormin, V.: Behavioral modeling for suspicious process detection in cloud computing environments. In: IEEE International Conference on Mobile Data Management (MDM), vol. 2, pp. 177–181 (2013)
8.
go back to reference Friedman, A., Schuster, A.: Data mining with differential privacy. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 493–502 (2010) Friedman, A., Schuster, A.: Data mining with differential privacy. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 493–502 (2010)
9.
go back to reference Friedman, A., Sharfman, I., Keren, D., Schuster, A.: Privacy-preserving distributed stream monitoring. In: Annual Network and Distributed System Security Symposium (NDSS) (2014) Friedman, A., Sharfman, I., Keren, D., Schuster, A.: Privacy-preserving distributed stream monitoring. In: Annual Network and Distributed System Security Symposium (NDSS) (2014)
10.
go back to reference Friedman, A., Wolff, R., Schuster, A.: Providing k-anonymity in data mining. VLDB J. 17(4), 789–804 (2008)CrossRef Friedman, A., Wolff, R., Schuster, A.: Providing k-anonymity in data mining. VLDB J. 17(4), 789–804 (2008)CrossRef
11.
go back to reference Gilburd, B., Schuster, A., Wolff, R.: k-ttp: a new privacy model for large-scale distributed environments. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 563–568 (2004) Gilburd, B., Schuster, A., Wolff, R.: k-ttp: a new privacy model for large-scale distributed environments. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 563–568 (2004)
12.
go back to reference Gilburd, B., Schuster, A., Wolff, R.: Privacy-preserving data mining on data grids in the presence of malicious participants. In: International Symposium on High-Performance Distributed Computing (HPDC), pp. 225–234 (2004) Gilburd, B., Schuster, A., Wolff, R.: Privacy-preserving data mining on data grids in the presence of malicious participants. In: International Symposium on High-Performance Distributed Computing (HPDC), pp. 225–234 (2004)
14.
go back to reference Hegeman, J.: Facebook’s ad auction. Talk at Ad Auctions Workshop, May 2010 Hegeman, J.: Facebook’s ad auction. Talk at Ad Auctions Workshop, May 2010
15.
go back to reference Kelly, F.: Charging and rate control for elastic traffic. Eur. Trans. Telecommun. 8, 33–37 (1997)CrossRef Kelly, F.: Charging and rate control for elastic traffic. Eur. Trans. Telecommun. 8, 33–37 (1997)CrossRef
17.
go back to reference Lucier, B., Paes Leme, R., Tardos, E.: On revenue in the generalized second price auction. In: International Conference on World Wide Web (WWW) (2012) Lucier, B., Paes Leme, R., Tardos, E.: On revenue in the generalized second price auction. In: International Conference on World Wide Web (WWW) (2012)
18.
go back to reference Maillé, P., Tuffin, B.: Multi-bid auctions for bandwidth allocation in communication networks. In: IEEE INFOCOM (2004) Maillé, P., Tuffin, B.: Multi-bid auctions for bandwidth allocation in communication networks. In: IEEE INFOCOM (2004)
19.
go back to reference Posener, E.: Dynamic memory allocation in cloud computers using progressive second price auction. Master’s thesis, Technion (2013) Posener, E.: Dynamic memory allocation in cloud computers using progressive second price auction. Master’s thesis, Technion (2013)
20.
go back to reference Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 199–212 (2009) Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 199–212 (2009)
21.
go back to reference Schuster, A., Wolff, R., Gilburd, B.: Privacy-preserving association rule mining in large-scale distributed systems. In: Cluster, Cloud and Grid Computing (CCGrid), pp. 411–418 (2004) Schuster, A., Wolff, R., Gilburd, B.: Privacy-preserving association rule mining in large-scale distributed systems. In: Cluster, Cloud and Grid Computing (CCGrid), pp. 411–418 (2004)
22.
go back to reference Shi, J., Song, X., Chen, H., Zang, B.: Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring. In: IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 194–199 (2011) Shi, J., Song, X., Chen, H., Zang, B.: Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring. In: IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 194–199 (2011)
23.
go back to reference Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.M.: Resource-freeing attacks: improve your cloud performance (at your neighbor’s expense). In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 281–292 (2012) Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.M.: Resource-freeing attacks: improve your cloud performance (at your neighbor’s expense). In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 281–292 (2012)
24.
go back to reference Varadarajan, V., Ristenpart, T., Swift, M.: Scheduler-based defenses against cross-vm side-channels. In: Usenix Security (2014) Varadarajan, V., Ristenpart, T., Swift, M.: Scheduler-based defenses against cross-vm side-channels. In: Usenix Security (2014)
25.
go back to reference Vickrey, W.: Counterspeculation, auctions, and competitive sealed tenders. J. Finance 16(1), 8–37 (1961)CrossRef Vickrey, W.: Counterspeculation, auctions, and competitive sealed tenders. J. Finance 16(1), 8–37 (1961)CrossRef
26.
go back to reference Waldspurger, C.A.: Memory resource management in Vmware ESX server. USENIX Symp. Operating Syst. Des. Implementation (OSDI) 36, 181–194 (2002) Waldspurger, C.A.: Memory resource management in Vmware ESX server. USENIX Symp. Operating Syst. Des. Implementation (OSDI) 36, 181–194 (2002)
27.
go back to reference Younis, Y., Kifayat, K., Merabti, M.: Cache side-channel attacks in cloud computing. In: International Conference on Cloud Security Management (ICCSM), p. 138. Academic Conferences Limited, (2014) Younis, Y., Kifayat, K., Merabti, M.: Cache side-channel attacks in cloud computing. In: International Conference on Cloud Security Management (ICCSM), p. 138. Academic Conferences Limited, (2014)
28.
go back to reference Zhang, Y., Juels, A., Oprea, A., Reiter, M.K.: Homealone: co-residency detection in the cloud via side-channel analysis. In: IEEE Symposium on Security and Privacy (SP), pp. 313–328. IEEE (2011) Zhang, Y., Juels, A., Oprea, A., Reiter, M.K.: Homealone: co-residency detection in the cloud via side-channel analysis. In: IEEE Symposium on Security and Privacy (SP), pp. 313–328. IEEE (2011)
Metadata
Title
Attacks in the Resource-as-a-Service (RaaS) Cloud Context
Authors
Danielle Movsowitz
Orna Agmon Ben-Yehuda
Assaf Schuster
Copyright Year
2016
DOI
https://doi.org/10.1007/978-3-319-28034-9_2

Premium Partner