Cloud: A Platform to Launch Stealth Attacks

2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC) Pub Date : 2020-07-01 DOI:10.1109/COMPSAC48688.2020.00-33

Moitrayee Chatterjee, Prerit Datta, Faranak Abri, A. Namin, Keith S. Jones

{"title":"Cloud: A Platform to Launch Stealth Attacks","authors":"Moitrayee Chatterjee, Prerit Datta, Faranak Abri, A. Namin, Keith S. Jones","doi":"10.1109/COMPSAC48688.2020.00-33","DOIUrl":null,"url":null,"abstract":"Cloud computing offers users scalable platforms and low resource cost. At the same time, the off-site location of the resources of this service model makes it more vulnerable to certain types of adversarial actions. Cloud computing has not only gained major user base, but also, it has the features that attackers can leverage to remain anonymous and stealth. With convenient access to data and technology, cloud has turned into an attack platform among other utilization. This paper reports our study to show that cyber attackers heavily abuse the public cloud platforms to setup their attack environments and launch stealth attacks. The paper first reviews types of attacks launched through cloud environment. It then reports case studies through which the processes of launching cyber attacks using clouds are demonstrated. We simulated various attacks using a virtualized environment, similar to cloud platforms, to identify the possible countermeasures from a defender's perspective, and thus to provide implications for the cloud service providers.","PeriodicalId":430098,"journal":{"name":"2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMPSAC48688.2020.00-33","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Cloud computing offers users scalable platforms and low resource cost. At the same time, the off-site location of the resources of this service model makes it more vulnerable to certain types of adversarial actions. Cloud computing has not only gained major user base, but also, it has the features that attackers can leverage to remain anonymous and stealth. With convenient access to data and technology, cloud has turned into an attack platform among other utilization. This paper reports our study to show that cyber attackers heavily abuse the public cloud platforms to setup their attack environments and launch stealth attacks. The paper first reviews types of attacks launched through cloud environment. It then reports case studies through which the processes of launching cyber attacks using clouds are demonstrated. We simulated various attacks using a virtualized environment, similar to cloud platforms, to identify the possible countermeasures from a defender's perspective, and thus to provide implications for the cloud service providers.

查看原文本刊更多论文

云:发动隐形攻击的平台

云计算为用户提供了可扩展的平台和较低的资源成本。同时，此服务模型的资源的非站点位置使其更容易受到某些类型的对抗性操作的攻击。云计算不仅获得了大量用户，而且还具有攻击者可以利用的特性，以保持匿名和隐身。随着对数据和技术的方便访问，云已成为其他用途的攻击平台。本文报告了我们的研究，表明网络攻击者严重滥用公共云平台来设置攻击环境并发动隐形攻击。本文首先回顾了通过云环境发起的攻击类型。然后报告案例研究，通过这些案例研究演示了使用云发动网络攻击的过程。我们使用类似于云平台的虚拟化环境模拟各种攻击，从防御者的角度确定可能的对策，从而为云服务提供商提供启示。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC)

自引率

0.00%

发文量