Reconsidering Intrusion Monitoring Requirements in Shared Cloud Platforms

2013 International Conference on Availability, Reliability and Security Pub Date : 2013-09-02 DOI:10.1109/ARES.2013.83

Kahina Lazri, S. Laniepce, J. Ben-othman

{"title":"Reconsidering Intrusion Monitoring Requirements in Shared Cloud Platforms","authors":"Kahina Lazri, S. Laniepce, J. Ben-othman","doi":"10.1109/ARES.2013.83","DOIUrl":null,"url":null,"abstract":"Multi-tenancy is the core feature that enables efficiency and cost effectiveness of cloud computing. However, it brings several new security concerns. Ensuring 'strong isolation' between co-localized tenants remains the most critical issue. This work aims at highlighting new attack strategies brought by the resource sharing paradigm in multi-tenant elastic IaaS Clouds in order to understand impacts of these attacks on the design of Intrusion Detection Systems in Cloud. The first part of this paper surveys the literature related to accepted vulnerabilities. Several Proofs of Concept are described and classified according to the results of the exploitation of these vulnerabilities. In the second part, we argue the existence of new attack strategies able to take advantage of the mechanisms which enable autonomic elasticity. These mechanisms are by nature sensitive to VMs resource consumption which can be easily manipulated by attacks. Finally, we give a representation of the presented vulnerabilities to engage a discussion on the limitations of pure user-centric security monitoring approaches for guaranteeing VM security.","PeriodicalId":302747,"journal":{"name":"2013 International Conference on Availability, Reliability and Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2013.83","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

Multi-tenancy is the core feature that enables efficiency and cost effectiveness of cloud computing. However, it brings several new security concerns. Ensuring 'strong isolation' between co-localized tenants remains the most critical issue. This work aims at highlighting new attack strategies brought by the resource sharing paradigm in multi-tenant elastic IaaS Clouds in order to understand impacts of these attacks on the design of Intrusion Detection Systems in Cloud. The first part of this paper surveys the literature related to accepted vulnerabilities. Several Proofs of Concept are described and classified according to the results of the exploitation of these vulnerabilities. In the second part, we argue the existence of new attack strategies able to take advantage of the mechanisms which enable autonomic elasticity. These mechanisms are by nature sensitive to VMs resource consumption which can be easily manipulated by attacks. Finally, we give a representation of the presented vulnerabilities to engage a discussion on the limitations of pure user-centric security monitoring approaches for guaranteeing VM security.

查看原文本刊更多论文

重新考虑共享云平台中的入侵监控需求

多租户是实现云计算效率和成本效益的核心特性。然而，它带来了几个新的安全问题。确保共同定位的租户之间的“强隔离”仍然是最关键的问题。本文旨在重点研究多租户弹性IaaS云环境中资源共享模式带来的新的攻击策略，以了解这些攻击对云环境中入侵检测系统设计的影响。本文的第一部分概述了与公认漏洞相关的文献。根据利用这些漏洞的结果，对几种概念证明进行了描述和分类。在第二部分中，我们论证了能够利用自主弹性机制的新攻击策略的存在。这些机制本质上对虚拟机的资源消耗非常敏感，容易被攻击者利用。最后，我们给出了所提出的漏洞的表示，以讨论纯以用户为中心的安全监控方法保证VM安全的局限性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 International Conference on Availability, Reliability and Security

自引率

0.00%

发文量