大海捞针:公共云的Bot追溯服务

E. Hossny, S. Khattab, F. Omara, H. Hassan
{"title":"大海捞针:公共云的Bot追溯服务","authors":"E. Hossny, S. Khattab, F. Omara, H. Hassan","doi":"10.1109/INTELCIS.2015.7397230","DOIUrl":null,"url":null,"abstract":"Cloud computing permits customers to host their data and applications to the cloud with an interesting economic cost-benefit tradeoff. However, the low price of cloud computing resources encourages attackers to rent a bulk of their botnets on the cloud and launch their attacks from there, which makes customers worry about using cloud computing. Therefore, in this paper, we propose a Bot Traceback (BTB) service for reporting and tracing back the presence of a bot inside an IaaS cloud provider. BTB aims to identify the virtual machine on which a bot runs either inside the same provider or inside a federated provider. The BTB service has been implemented as a part of the security tools in the EASI-CLOUDS project and has been deployed online. We present the implementation details of the BTB service and its main components (the BTB reporting service and BTB detection service). The BTB detection service will start running after a BTB report is received either from the same provider or from another federated provider.","PeriodicalId":6478,"journal":{"name":"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)","volume":"3 1","pages":"258-262"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Finding the pin in the haystack: A Bot Traceback service for public clouds\",\"authors\":\"E. Hossny, S. Khattab, F. Omara, H. Hassan\",\"doi\":\"10.1109/INTELCIS.2015.7397230\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing permits customers to host their data and applications to the cloud with an interesting economic cost-benefit tradeoff. However, the low price of cloud computing resources encourages attackers to rent a bulk of their botnets on the cloud and launch their attacks from there, which makes customers worry about using cloud computing. Therefore, in this paper, we propose a Bot Traceback (BTB) service for reporting and tracing back the presence of a bot inside an IaaS cloud provider. BTB aims to identify the virtual machine on which a bot runs either inside the same provider or inside a federated provider. The BTB service has been implemented as a part of the security tools in the EASI-CLOUDS project and has been deployed online. We present the implementation details of the BTB service and its main components (the BTB reporting service and BTB detection service). The BTB detection service will start running after a BTB report is received either from the same provider or from another federated provider.\",\"PeriodicalId\":6478,\"journal\":{\"name\":\"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)\",\"volume\":\"3 1\",\"pages\":\"258-262\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INTELCIS.2015.7397230\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INTELCIS.2015.7397230","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

云计算允许客户将他们的数据和应用程序托管到云中,并在经济上进行有趣的成本效益权衡。然而,云计算资源的低廉价格鼓励攻击者在云上租用大量僵尸网络,并从那里发动攻击,这使得客户对使用云计算感到担忧。因此,在本文中,我们提出了一个Bot Traceback (BTB)服务,用于报告和跟踪IaaS云提供商内部Bot的存在。BTB旨在识别机器人在其上运行的虚拟机,该虚拟机在同一提供程序内或在联合提供程序内运行。BTB服务已作为EASI-CLOUDS项目安全工具的一部分实施,并已在线部署。我们介绍了BTB服务及其主要组件(BTB报告服务和BTB检测服务)的实现细节。BTB检测服务将在从同一提供者或从另一个联合提供者接收到BTB报告后开始运行。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Finding the pin in the haystack: A Bot Traceback service for public clouds
Cloud computing permits customers to host their data and applications to the cloud with an interesting economic cost-benefit tradeoff. However, the low price of cloud computing resources encourages attackers to rent a bulk of their botnets on the cloud and launch their attacks from there, which makes customers worry about using cloud computing. Therefore, in this paper, we propose a Bot Traceback (BTB) service for reporting and tracing back the presence of a bot inside an IaaS cloud provider. BTB aims to identify the virtual machine on which a bot runs either inside the same provider or inside a federated provider. The BTB service has been implemented as a part of the security tools in the EASI-CLOUDS project and has been deployed online. We present the implementation details of the BTB service and its main components (the BTB reporting service and BTB detection service). The BTB detection service will start running after a BTB report is received either from the same provider or from another federated provider.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信