Securing the Cloud: Threats, Attacks and Mitigation Techniques

Alani, Mohammed M.

doi:10.14419/jacst.v3i2.3588

Cited by 34 publications

(16 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attackers can abuse this feature by renting VM to hack service engine through other customers' VMs in order to breach and compromise confidential data by breaking the isolation feature that separates customers' data. [23].…”

Section: Abuse Of Cloud Service Threatmentioning

confidence: 99%

“…Another form of DoS attack is Asymmetric applicationlevel DoS attacks, which is capable of shutting down an application by using small attack payload as 100 bytes [23]. The DoS attacks are usually achieved by exploiting the vulnerabilities, like in web server or applications etc., and overloading the victim machine by sending many requests collectively in order to consume most cloud resources, such as network bandwidth, memory or computation powers, and therefore, causing in delay of cloud services or completely make unavailable of resources and services [4,17].…”

Section: Major Challenges From Abuse Of Cloud Service Threat and Avaimentioning

confidence: 99%

See 1 more Smart Citation

Security Challenges from Abuse of Cloud Service Threat

Ahmad¹,

Bakht²

2019

IJCDS

View full text Add to dashboard Cite

Cloud computing is an ever-growing technology that leverages dynamic and versatile provision of computational resources and services. In spite of countless benefits that cloud service has to offer, there is always a security concern for new threats and risks. The paper provides a useful introduction to the rising security issues of Abuse of cloud service threat, which has no standard security measures to mitigate its risks and vulnerabilities. The threat can result an unbearable system gridlock and can make cloud services unavailable or even complete shutdown. The study has identified the potential challenges, as BotNet, BotCloud, Shared Technology Vulnerability and Malicious Insiders, from Abuse of cloud service threat. It has further described the attacking methods, impacts and the reasons due to the identified challenges. The study has evaluated the current available solutions and proposed mitigating security controls for the security risks and challenges from Abuse of cloud services threat.

show abstract

Section: Abuse Of Cloud Service Threatmentioning

confidence: 99%

Section: Major Challenges From Abuse Of Cloud Service Threat and Avaimentioning

confidence: 99%

Security Challenges from Abuse of Cloud Service Threat

Ahmad¹,

Bakht²

2019

IJCDS

View full text Add to dashboard Cite

show abstract

“…All of these are described in this section. (Alani 2014)Cloud computing referred to the delivery of on-demand computing resources everything from applications to data centers-over the Internet on a pay-for-use basis. By using this service you can use any resource without being present there.…”

Section: Literature Reviewmentioning

confidence: 99%

An Optimized Approach to Handle DDOS Attack on Cloud Network

Garg¹

2018

IJRASET

View full text Add to dashboard Cite

The cloud computing is happening technology which is most commonly used now days. As more and more users are accessing the cloud the cloud security is under danger. In order to resolve the problem the security mechanism within the cloud has to be implemented. Cloud is prone to number of attacks. Most common attack over the cloud is DDOS. It is distributed Daniel of service. The main operation of the DDOS is to block the resources which are present over the cloud. The cloud computing will depend over the sensors. The sensors have very limited memory. In order to resolve the problem proposed work is suggested. In existing system measures are not taken in order to prevent the attack or to resolve the problem permanently. In the proposed system using cloud sim tool, White List will be maintained that indicate the services which are required within system. The services which are not in the white list will be blocked. Keyword: DDOS, cloud computing, cloud SIM, Mobile Cloud Computing I.INTRODUCTION A Distributed denial of service (DDOS) attack is a DOS attack utilizing multiple distributed attack sources. Typically, the attackers use a large number of controlled bots distributed in different locations to launch a large number of DOS attacks against a single target or multiple targets. With the rapid development of bot nets in recent years, the attack traffic scale caused by DDOS attacks has been increasing, with the targets including not only business servers, but also internet infrastructures such as firewalls, routers and DNS system as well as network bandwidth, the attack influence sphere has also become broader. The remainder of this paper is organized as follows. We are also describes variety of available DDOS algorithms. Cloud computing provides a wide range of computing resources from servers and storage to enterprise applications. Cloud computing is a hosting environment that is immediate, flexible, scalable, secure and available. The computing resources from cloud can be easily and quickly accessed and released after use with very less management effort. The concept of Cloud Computing can be used in mobile applications running on SMDs to boost up their performance. With the integration and support of Cloud Computing into the complex mobile applications, the term Mobile Cloud Computing (MCC) arises.

show abstract

“…Specifically, service requests from cloud users are honored through building and running virtual machines (VMs), and VMs created for different users can be instantiated on the same physical server. While this co‐resident VM architecture provides cost‐effective resource sharing, it poses unique security risks to the cloud users (Alani, ; Godfrey & Zulkernine, ; Ristenpart, Tromer, Shacham, & Savage, ). In particular, an attacker may penetrate its malicious software into the cloud system as regular service requests for creating the attacker's VMs (AVMs).…”

Section: Introductionmentioning

confidence: 99%

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

2018

View full text Add to dashboard Cite

Empowered by virtualization technology, service requests from cloud users can be honored through creating and running virtual machines. Virtual machines established for different users may be allocated to the same physical server, making the cloud vulnerable to coresidence attacks where a malicious attacker can steal a user's data through co-residing their virtual machines on the same server. For protecting data against the theft, the data partition technique is applied to divide the user's data into multiple blocks with each being handled by a separate virtual machine. Moreover, early warning agents (EWAs) are deployed to possibly detect and prevent co-residence attacks at a nascent stage. This article models and analyzes the attack success probability (complement of data security) in cloud systems subject to competing attack detection process (by EWAs) and data theft process (by co-residence attackers). Based on the suggested probabilistic model, the optimal data partition and protection policy is determined with the objective of minimizing the user's cost subject to providing a desired level of data security. Examples are presented to illustrate effects of different model parameters (attack rate, number of cloud servers, number of data blocks, attack detection time, and data theft time distribution parameters) on the attack success probability and optimization solutions.

show abstract

Securing the Cloud: Threats, Attacks and Mitigation Techniques

Cited by 34 publications

References 47 publications

Security Challenges from Abuse of Cloud Service Threat

Security Challenges from Abuse of Cloud Service Threat

An Optimized Approach to Handle DDOS Attack on Cloud Network

Security of Separated Data in Cloud Systems with Competing Attack Detection and Data Theft Processes

Contact Info

Product

Resources

About