Abuse of the Cloud as an Attack Platform

Chatterjee, Moitrayee; Datta, Prerit; Abri, Faranak; Namin, Akbar Siami; Jones, Keith S.

doi:10.1109/compsac48688.2020.0-125

Cited by 2 publications

(1 citation statement)

References 3 publications

(3 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hosting Phishing Websites on the Cloud: Attackers are now able to host a phishing website on the cloud platform to steal credentials of legitimate users on the Internet [6], [7], [13], [14]. Attackers had developed a phishing website that asked users to enter their Microsoft 365 credentials 5,6 . The website was designed and hosted on a popular website creation and hosting service called http://www.wix.com.…”

Section: Attack Types Launched On Cloudmentioning

confidence: 99%

Launching Stealth Attacks using Cloud

Chatterjee,

Datta,

Abri

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

Cloud computing offers users scalable platforms and low resource cost. At the same time, the off-site location of the resources of this service model makes it more vulnerable to certain types of adversarial actions. Cloud computing has not only gained major user base, but also, it has the features that attackers can leverage to remain anonymous and stealth. With convenient access to data and technology, cloud has turned into an attack platform among other utilization. This paper reports our study to show that cyber attackers heavily abuse the public cloud platforms to setup their attack environments and launch stealth attacks. The paper first reviews types of attacks launched through cloud environment. It then reports case studies through which the processes of launching cyber attacks using clouds are demonstrated. We simulated various attacks using a virtualized environment, similar to cloud platforms, to identify the possible countermeasures from a defender's perspective, and thus to provide implications for the cloud service providers.

show abstract