Classifying malware attacks in IaaS cloud environments

In the last few years, research has been motivated to provide a categorization and classification of security concerns accompanying the growing adaptation of Infrastructure as a Service (IaaS) clouds. Studies have been motivated by the risks, threats and vulnerabilities imposed by the components within the environment and have provided general classifications of related attacks, as well as the respective detection and mitigation mechanisms. Virtual Machine Introspection (VMI) has been proven to be an effective tool for malware detection and analysis in virtualized environments. In this paper, we classify attacks in IaaS cloud that can be investigated using VMI-based mechanisms. This infers a special focus on attacks that directly involve Virtual Machines (VMs) deployed in an IaaS cloud. Our classification methodology takes into consideration the source, target, and direction of the attacks. As each actor in a cloud environment can be both source and target of attacks, the classification provides any cloud actor the necessary knowledge of the different attacks by which it can threaten or be threatened, and consequently deploy adapted VMI-based monitoring architectures. To highlight the relevance of attacks, we provide a statistical analysis of the reported vulnerabilities exploited by the classified attacks and their financial impact on actual business processes

Gestión de Seguridad en Virtualización de Servidores

This project focuses on the field of Security in Virtual Servers in the Cloud environments. Specifically, the security at the IaaS is studied. The specific case related to minimization of risks when allocating new virtual machines into physical machines is studied. The case of how a vulnerable virtual machine that is allocated in a physical server can compromise the neighboring virtual machines and even the physical server is explained. In this study a new method for quantifying the security risk of virtual machines is proposed. This parameter helps in the decision-making task for choosing the physical server to install the new virtual server in order to maximize the security. A security good practice guide focusing on Virtual Server Security is provided in this document.  Este proyecto se centra en el campo de la seguridad en Servidores Virtuales en los entornos Cloud. En concreto, se estudia la seguridad a Infraestructura como Servicio (IaaS). Se estudia el caso específico de la minimización del riesgo relacionado a la seguridad al instalar máquinas virtuales en servidores físicos. Se analiza y describe como una máquina virtual vulnerable, puede comprometer a las otras máquinas virtuales vecinas e inclusive al servidor físico. En este estudio se propone un nuevo método para cuantificar el riesgo de seguridad para las máquinas virtuales. Los resultados arrojados por este método son tomados en cuenta para decidir la ubicación de un nuevo servidor virtual en un servidor físico con el fin de maximizar la seguridad. En este documento se proporciona una guía de buenas prácticas de seguridad centrada en la seguridad del servidor virtual. &nbsp

A Taxonomy of Virtualization Security Issues in Cloud Computing Environments

Objectives: To identify the main challenges and security issues of virtualization in cloud computing environments. It reviews the alleviation techniques for improving the security of cloud virtualization systems. Methods/ Statistical Analysis: Virtualization is a fundamental technology for cloud computing, and for this reason, any cloud vulnerabilities and threats affect virtualization. In this study, the systematic literature review is performed to find out the vulnerabilities and risks of virtualization in cloud computing and to identify threats, and attacks result from those vulnerabilities. Furthermore, we discover and analyze the effective mitigation techniques that are used to protect, secure, and manage virtualization environments. Findings: Thirty vulnerabilities are identified, explained, and classified into six proposed classes. Furthermore, fifteen main virtualization threats and attacks ar defined according to exploited vulnerabilities in a cloud environment. Application/Improvements: A set of common mitigation solutions are recognized and discovered to alleviate the virtualization security risks. These reviewed techniques are analyzed and evaluated according to five specified security criteria

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of Cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds

Cyber-storms come from clouds:Security of cloud computing in the IoT era

The Internet of Things (IoT) is rapidly changing our society to a world where every “thing” is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on the security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds

An Acceptable Cloud Computing Model for Public Sectors

Cloud computing enables information technology (IT) leaders to shift from passive business support to active value creators. However, social economic-communication barriers inhibit individual users from strategic use of the cloud. Grounded in the theory of technology acceptance, the purpose of this multiple case study was to explore strategies IT leaders in public sector organizations implement to utilize cloud computing. The participants included nine IT leaders from public sector organizations in Texas, USA. Data were collected using semi-structured interviews, field notes, and publicly available artifacts documents. Data were analyzed using thematic analysis: five themes emerged (a) user-centric and data-driven cloud model; (b) multi-cloud, (c) visibility, (d) integrations, and (e) innovation and agility due to cloud. A key recommendation is for IT leaders to strategize for individual user behavior through the top-down approach. The implications for positive social change include the potential to improve civic services, civic engagement, collaborations between the public and government, policymaking, and added socioeconomic value

Automating SLA enforcement in the cloud computing

Cloud computing is playing an increasingly important role, not only by facilitating digital trading platforms but also by transforming conventional services from client-server models to cloud computing. This domain has given the global economic and technological benefits, it offers to both the service providers and service subscribers. Digital marketplaces are no longer limited only to trade tangible commodities but also facilitates enormous service virtualization across various industries. Software as a Service (SaaS) being the largest service segment, dominates the global cloud migration. Infrastructure as a Service (IaaS) and cloud-based application development also known as Platform as a Service (PaaS) are also next-generation computing platforms for their ultimate futuristic demand by both, public and private sector. These service segments are now hosted on cloud platforms to compute, store, and network, an enormous amount of service requests, which process data incredibly fast and economically. Organizations also perform data analytics and other similar computing amenities to manage their business without maintaining on-premise computing infrastructures which are hard to maintain. This computing capability has extensively improved the popularity and increased the demand for cloud services to an extent, that businesses worldwide are heavily migrating their computing resources to these platforms. Diverse cloud service providers take the responsibility of provisioning such cloud-based services for subscribers. In return, a certain subscription fee is charged to them periodically and depending upon the service package, availability and security. On the flip side, such intensive technology shift and outsourcing reliance have also introduced scenarios that any failure on their part leads to serious consequences to the business community at large. In recent years technology industry has observed critical and increased service outages at various cloud service providers(CSP) such as Amazon AWS, Microsoft, Google, which ultimately interrupts the entire supply chain and causes several well-known web services to be taken offline either due to a human error, failed change control implementation or in more recently due to targeted cyber-attacks like DDoS. These web-based solutions such as compute, storage, network or other similar services are provisioned to cloud service subscribers (CSS) platforms. Regardless of a cloud service deployment, a legal binding such as a Service Level Agreement (SLA) is signed between the CSP and CSS. The SLA holds a service scope and guarantees in case of failure. There are probabilities where these SLA may be violated, revoked, or dishonoured by either party, mostly the CSP. An SLA violation along with an unsettled dispute leads to some financial losses for the service subscribers or perhaps cost them their business reputation. Eventually, the subscriber may request some form of compensation from the provider such as a service credit or a refund. In either case, the burden of proof lies with the subscribers, who have to capture and preserve those data or forensically sound system or service logs, supporting their claims. Most of the time, this is manually processed, which is both expensive and time-consuming. To address this problem, this research first analyses the gaps in existing arrangements. It then suggests automation of SLA enforcement within cloud environments and identifies the main properties of a solution to the problem covering various other avenues associated with the other operating environments. This research then subsequently proposes architectures, based on the concept of fair exchange, and shows that how intelligently the approach enforces cloud SLA using various techniques. Furthermore, by extending the research scope covering two key scenarios (a) when participants are loss averse and (b) when interacting participants can act maliciously. Our proposed architectures present robust schemes by enforcing the suggested solutions which are effective, efficient, and most importantly resilient to modern-day security and privacy challenges. The uniqueness of our research is that it does not only ensure the fairness aspect of digital trading but it also extends and logically implements a dual security layer throughout the service exchange. Using this approach protects business participants by securely automating the dispute resolutions in a more resilient fashion. It also shields their data privacy and security from diverse cyber challenges and other operational failures. These architectures are capable of imposing state-of-the-art defences through integrated secure modules along with full encryption schemes, mitigating security gaps previously not dealt with, based upon fair exchange protocols. The Protocol also accomplishes achieving service exchange scenarios either with or without dispute resolution. Finally, our proposed architectures are automated and interact with hardcoded procedures and verifications mechanism using a variant of trusted third parties and trusted authorities, which makes it difficult to cause potential disagreements and misbehaviours during a cloud-based service exchange by enforcing SLA