Cloud Computing: Insider Attacks on Virtual Machines during Migration

2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications Pub Date : 2013-07-16 DOI:10.1109/TrustCom.2013.62

Adrian J. Duncan, S. Creese, M. Goldsmith, J. Quinton

{"title":"Cloud Computing: Insider Attacks on Virtual Machines during Migration","authors":"Adrian J. Duncan, S. Creese, M. Goldsmith, J. Quinton","doi":"10.1109/TrustCom.2013.62","DOIUrl":null,"url":null,"abstract":"The use of Virtual Machines (VMs) and Infrastructure-as-a-Service (IaaS) has risen dramatically and, according to Gartner, is set to continue rising with a compound annual growth rate predicted to be 41.7% over the four years to 2016. By using Cloud providers, organisations are reducing their capital expenditure on hardware, software and support, however, these same organisations are putting a great deal of trust in the provider offering a safe and secure platform for their data and resources. One of the biggest benefits of IaaS to the customer is the rapid elasticity of their provision. This elasticity can require relocation of a VM from one physical machine and / or one hypervisor to another. Whilst such migration is transparent and potentially seamless, it may also introduce vulnerability. We explore here the potential for a malicious insider to exploit vulnerabilities associated with mobile VMs to obtain large volumes of cloud-user data, and consider the possibility of detecting such attacks using current digital forensics and systems administration techniques.","PeriodicalId":206739,"journal":{"name":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TrustCom.2013.62","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 31

Abstract

The use of Virtual Machines (VMs) and Infrastructure-as-a-Service (IaaS) has risen dramatically and, according to Gartner, is set to continue rising with a compound annual growth rate predicted to be 41.7% over the four years to 2016. By using Cloud providers, organisations are reducing their capital expenditure on hardware, software and support, however, these same organisations are putting a great deal of trust in the provider offering a safe and secure platform for their data and resources. One of the biggest benefits of IaaS to the customer is the rapid elasticity of their provision. This elasticity can require relocation of a VM from one physical machine and / or one hypervisor to another. Whilst such migration is transparent and potentially seamless, it may also introduce vulnerability. We explore here the potential for a malicious insider to exploit vulnerabilities associated with mobile VMs to obtain large volumes of cloud-user data, and consider the possibility of detecting such attacks using current digital forensics and systems administration techniques.

查看原文本刊更多论文

云计算:虚拟机迁移过程中的内部攻击

虚拟机(vm)和基础设施即服务(IaaS)的使用急剧增加，据高德纳公司(Gartner)称，到2016年，这两种服务的复合年增长率将继续上升，预计在四年内将达到41.7%。通过使用云提供商，企业减少了在硬件、软件和支持方面的资本支出，然而，这些企业对提供安全可靠的数据和资源平台的提供商给予了极大的信任。IaaS对客户的最大好处之一是其供应的快速弹性。这种弹性可能需要将VM从一台物理机器和/或一个管理程序重新定位到另一个管理程序。虽然这种迁移是透明的，并且可能是无缝的，但它也可能引入漏洞。我们在这里探讨了恶意内部人员利用与移动虚拟机相关的漏洞获取大量云用户数据的可能性，并考虑了使用当前数字取证和系统管理技术检测此类攻击的可能性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

自引率

0.00%

发文量