Self-service cloud computing

Butt, Shakeel; Lagar-Cavilla, H. Andrés; Srivastava, Abhinav; Ganapathy, Vinod

doi:10.1145/2382196.2382226

Cited by 90 publications

(40 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cloud computing involves three parties; cloud customer, cloud service provider and cloud network. These are the security threats which cause damage to the cloud [18]. Some of them are:…”

Section: Major Challenges/issuesmentioning

confidence: 99%

Comparison of Intrusion Detection Techniques in Cloud Computing

2018

IJRTER

View full text Add to dashboard Cite

Abstract-Cloud computing is a kind of computing, which is highly scalable and use virtualized resources that can be shared by the users. Cloud computing provides scalable services to end users with greater flexibility and less infrastructure. Cloud services include software as a service, platform as a service, and infrastructure as a service. These services are provided by using different protocols and standards. Economic benefits are the main driver for the cloud, since it promises the reduction of capital expenditure and operational expenditure. One of the most significant search done on cloud computing is to provide security to the cloud environment. Cloud computing can be threatened by various cyber attacks, because most of the cloud computing systems provide services to many people who are not proven as trustworthy. In this paper, we are going to compare the techniques to detect the intrusion in cloud computing. The techniques used are Signature Based detection (SD), Anomaly-based Detection (AD) and Stateful Protocol Analysis.

show abstract

“…Cloud computing involves three parties; cloud customer, cloud service provider and cloud network. These are the security threats which cause damage to the cloud [18]. Some of them are:…”

Section: Major Challenges/issuesmentioning

confidence: 99%

Comparison of Intrusion Detection Techniques in Cloud Computing

2018

IJRTER

View full text Add to dashboard Cite

show abstract

“…We augment these elements with additional ones to consider further threats. In detail, when the virtualized environment is run by an external provider, the trust placed in that provider also needs to be considered [5] [14] [7] [9]. Hence, other components that we introduce are: (i) physical-access: a component that defines whether physical access is possible for the attacker; (ii) actors: the Cloud service provider (CSP), the tenant and a generic external attacker.…”

Section: Ontology Of Components and Relationsmentioning

confidence: 99%

Formalizing Threat Models for Virtualized Systems

Sgandurra

Karafili

Lupu

2016

Data and Applications Security and Privacy XXX

View full text Add to dashboard Cite

Abstract. We propose a framework, called FATHoM (FormAlizing THreat Models), to define threat models for virtualized systems. For each component of a virtualized system, we specify a set of security properties that defines its control responsibility, its vulnerability and protection states. Relations are used to represent how assumptions made about a component's security state restrict the assumptions that can be made on the other components. FATHoM includes a set of rules to compute the derived security states from the assumptions and the components' relations. A further set of relations and rules is used to define how to protect the derived vulnerable components. The resulting system is then analysed, among others, for consistency of the threat model. We have developed a tool that implements FATHoM, and have validated it with use-cases adapted from the literature.

show abstract

“…A self-service cloud (SSC) computing platform [16] provides users with privileged VMs called service domains (SDs) to monitor their own VMs. SDs can monitor the memory of target VMs, disk blocks accessed by VMs, and system calls issued by them.…”

Section: Privileged Vms For Offloading Idsesmentioning

confidence: 99%

Co-migration of Virtual Machines with Synchronization for IDS Offloading

Kourai

Utsunomiya

2014

IPSJ Online Transactions

View full text Add to dashboard Cite

Since Infrastructure-as-a-Service (IaaS) clouds contain many vulnerable virtual machines (VMs), intrusion detection systems (IDSes) should be run for all the VMs. IDS offloading is promising for this purpose because it allows IaaS providers to run IDSes outside of VMs without any cooperation of the users. However, offloaded IDSes cannot continue to monitor their target VM when the VM is migrated to another host. In this paper, we propose VMCoupler for enabling co-migration of offloaded IDSes and their target VM. Our approach is running offloaded IDSes in a special VM called a guard VM, which can monitor the internals of a target VM using VM introspection. VMCoupler can migrate a guard VM together with its target VM and restore the state of VM introspection at the destination. The migration processes of these two VMs are synchronized so that a target VM does not run without being monitored. We have confirmed that the overhead of monitoring and co-migration was small.

show abstract

Self-service cloud computing

Cited by 90 publications

References 28 publications

Comparison of Intrusion Detection Techniques in Cloud Computing

Comparison of Intrusion Detection Techniques in Cloud Computing

Formalizing Threat Models for Virtualized Systems

Co-migration of Virtual Machines with Synchronization for IDS Offloading

Contact Info

Product

Resources

About