Retrospective detection of malware attacks by cloud computing

Liu, Shun-Te; Chen, Yiming

doi:10.1109/cyberc.2010.99

Cited by 14 publications

(8 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other widely used DDoS countermeasures are firewalls. However, due to firewall location (at the border of a network), it would not be able to detect distributed attacks once they are in the network [50].…”

Section: Denial Of Service Attacksmentioning

confidence: 99%

Cloud Computing Security: A Survey

2014

View full text Add to dashboard Cite

Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures. OPEN ACCESSComputers 2014, 3 2

show abstract

Section: Denial Of Service Attacksmentioning

confidence: 99%

Cloud Computing Security: A Survey

2014

View full text Add to dashboard Cite

show abstract

“…(2) Availability of toolkits that facilitate generation of new variants given a malware instance with the minimum programming experience [5], [11], (3) Attackers interest in exploiting the abundant strategies and tools created to protect programs and software developer's copyrights (e.g., Packing, and obfuscation) to evade the detection of their assaults. [6], (4) Funded organizations and forums to train novices and advanced attackers how to create attacks, exploit vulnerabilities in targeted victim's machine, and avoid detection mechanisms. Those and many other causes resulted in exponential increase in the number of newly created malware.…”

Section: Malware Industry Evolutionsmentioning

confidence: 99%

“…Signature can be the file name, the file size, the file digest or a combination of them. Sometimes it may be rule-based detection policy [6], [2]. The second solution is behaviour based systems.…”

Section: 1malware Attacks and Their Conventional Countermeasuresmentioning

confidence: 99%

“…The motivation behind this solution is the possibility to generate variants of the given exploit by modifying it. Such kinds of modifications include but not limited to obfuscation, changing file name, packing PE format files and applying some code optimization attitudes [6], [4]. During the second half of 2006, Microsoft found more than 45,000 new variants of backdoors, trojans, and bots [8].…”

Section: 1malware Attacks and Their Conventional Countermeasuresmentioning

confidence: 99%

“…The second one aims to extend the services of traditional anti-malware solutions by integrating them as cloud services. In this work we focus on the second group who are motivated by the opportunities that cloud can provide to the malware detector, such as solving the problems of constrained resources machines, minimizing the wasted network resources, providing in-time protection, minimizing the vulnerability window, and facilitating forensics & retrospective detection [10], [9], [6].…”

Section: 2cloud Computing and Malware Detectionmentioning

confidence: 99%

See 2 more Smart Citations