Cloud Computing: Insider Attacks on Virtual Machines during Migration

Duncan, Adrian; Creese, Sadie; Goldsmith, Michael; Quinton, Jamie S.

doi:10.1109/trustcom.2013.62

Cited by 20 publications

(11 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, if an attacker knows precisely what he/she is looking for, disinformation might not hinder theft of information. On the other hand, sample data sniffers have a great potential in mitigating attacks during virtual machines (VM) migrations [14] since once a VM is reallocated to different hypervisor, a malicious attacker could exploit the vulnerabilities and obtain a large amount of data. From the above, and to the best of our knowledge, it is clear that no similar attempts have been made in using self-adaptation techniques in order to deal with uncertainties related to insider threats in cloud computing.…”

Section: Related Workmentioning

confidence: 99%

“…Senador Salgado Filho, S/N -59.098-970 Natal, RN, Brazil Full list of author information is available at the end of the article Although there has been an increasing adoption of cloud computing systems, some aspects related to security and privacy are still in its infancy, such as, the handling of insider threats. Some efforts have been made for dealing with malicious attacks in cloud [14,16,30], but these have not considered insider threats. An insider threat can be understood as a user who has or had authorised access to an organisation's network, system, or data, and exceed or misuse that access in a manner that can negatively affect the confidentiality, integrity, or availability of the organisation's information or information systems [5].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Self-adaptive authorisation in OpenStack cloud platform

Silva

Diniz

Cacho

et al. 2018

J Internet Serv Appl

View full text Add to dashboard Cite

Although major advances have been made in protection of cloud platforms against malicious attacks, little has been done regarding the protection of these platforms against insider threats. This paper looks into this challenge by introducing self-adaptation as a mechanism to handle insider threats in cloud platforms, and this will be demonstrated in the context of OpenStack. OpenStack is a popular cloud platform that relies on Keystone, its identity management component, for controlling access to its resources. The use of self-adaptation for handling insider threats has been motivated by the fact that self-adaptation has been shown to be quite effective in dealing with uncertainty in a wide range of applications. Insider threats have become a major cause for concern since legitimate, though malicious, users might have access, in case of theft, to a large amount of information. The key contribution of this paper is the definition of an architectural solution that incorporates self-adaptation into OpenStack Keystone in order to handle insider threats. For that, we have identified and analysed several insider threats scenarios in the context of the OpenStack cloud platform, and have developed a prototype that was used for experimenting and evaluating the impact of these scenarios upon the self-adaptive authorisation system for the cloud platforms.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Self-adaptive authorisation in OpenStack cloud platform

Silva

Diniz

Cacho

et al. 2018

J Internet Serv Appl

View full text Add to dashboard Cite

show abstract

“…The latter requires a change of IP address and introduces another challenge that limits migration in cloud computing [25]. LVMM has been penetrated via man-in-the-middle attacks, as well as successfully attacked by through flag migration [16,26,27]. LVMM introduces important security issues because it includes VM state transfer through communication links, which can be attacked by ARP spoofing, DNS spoofing and route Hijacking [28].…”

Section: Fig 2: Lvmm Process Steps [24]mentioning

confidence: 99%

Infrastructure as a service: Exploring network access control challenges

Amri

Guan

2016

2016 SAI Computing Conference (SAI)

View full text Add to dashboard Cite

“…Especially the System administrator, who is an insider, can only be suspected for this type of crime. In their second work [3], they created a set-up like real cloud system used in the IaaS (Infrastructure as a Service) and identify the attack vectors based on their observations which they have found as relevant security problems in the migration of the virtual machines. The virtual machine migration can only be possible by the highly privileged person i.e.…”

Section: Related Work In Cloud Insider Threatsmentioning

confidence: 99%

Insider Threat Mitigation in Cloud Computing

Mandal¹,

Chatterjee²

2015

IJCA

View full text Add to dashboard Cite

Insider threat is one of the most critical security threats for any Industry, even it is the most eldest strategy to fall an empire down, very common in diplomacy according to the human history. In the cloud computing ecosystem there are several problems that is harder than the normal (not could) scenarios. If the insider threats are the most dangerous threat even in the non-cloud platform then it must has multidimensional attack vectors in cloud computing. Many researches have been done and are being carried out in the field of cyber security for malicious insider attacks. In the provider end of the service, the insider who can harm the system most is the System administrator because he has the highest access control and other privileges. Sometimes when the user demands some resources and the provider is running out of that kind of resource then, they outsource the resource from the third party or cloud broker. The resources are like server, storage and device or public/private cloud. In this paper we propose a technical solution and some policies for the cloud provider to mitigate the insider attack due to the rogue administrator. We also discuss about the possibility of insider attack in outsourcing issue of cloud computing and provide some policies as solution for that problem.

show abstract

Cloud Computing: Insider Attacks on Virtual Machines during Migration

Cited by 20 publications

References 5 publications

Self-adaptive authorisation in OpenStack cloud platform

Self-adaptive authorisation in OpenStack cloud platform

Infrastructure as a service: Exploring network access control challenges

Insider Threat Mitigation in Cloud Computing

Contact Info

Product

Resources

About