In literature, several surveys and classifications of cloud computing security issues have been presented. “ Conclusion” section summarizes our work. “ Evaluation” section presents our findings regarding the practical relevance of the identified categories and the analysis of the focus of related work. We present our classification methods in “ Threat model” section and detail each class in “namerefsect:outsideAttacksoutside of VM”, “ VM as target of attacks” and “nameref2sect:VMsourceVM asattack source” section. Section “ Related work” discusses related work on classifying security issues, vulnerabilities, or attacks in virtualized environments. Our results can be used for targeting future research to develop and enhance Security-as-a-Service offerings in public cloud environments, and to raise awareness to any party willing to get involved in a cloud scenario and use VMI-based approaches as its security mechanisms against the different existing attacks and threats. Overall, our study provides insight into the threats caused by malware against IaaS environments. Therefore, we put a particular focus on attacks which directly involve VMs. To be able to deploy effective VMI-based mechanisms for analysis, monitoring or detection, in the IaaS cloud, it is necessary to have a knowledge of existing virtualization-related attacks that can be addressed using VMI. We give an overview of attacks by which each actor can be threatened or with which it could harm other entities in the environment.
In this paper, we classify malware attacks in IaaS cloud taking into consideration their origin and target among the different actors in IaaS environments (see Fig. This isolation ensures both stealthiness and higher integrity of the diagnosis, which encourages practitioners to bring VMI capabilities into IaaS Cloud.
#RF ONLINE PRIVATE SERVER MALWARE SOFTWARE#
In the VMI approach, the security monitoring software is isolated from the monitored guest VMs. While such reports provide a good overview on the wide range of potential problems, few publications specifically focus in-depth on the problem of malware in the context of IaaS environments and virtualization technology.īesides, VMI is a set of techniques that allow for the inspection of VMs from outside the guest OS and the analysis of the running programs inside of it. Over the years, many publications such as have presented comprehensive analysis of security threats, vulnerabilities, example incidents, and countermeasures in IaaS cloud. Despite all advances in IT security in the past three decades, recent statistics also indicate the growth of malware activities, with a record number of over 140 million new malware samples detected in 2015. Virtualization technology is the key enabler for such computing infrastructure services. The cloud computing market continues to grow with spendings on public IaaS clouds having reached 38 billion U.S. To highlight the relevance of attacks, we provide a statistical analysis of the reported vulnerabilities exploited by the classified attacks and their financial impact on actual business processes. As each actor in a cloud environment can be both source and target of attacks, the classification provides any cloud actor the necessary knowledge of the different attacks by which it can threaten or be threatened, and consequently deploy adapted VMI-based monitoring architectures. Our classification methodology takes into consideration the source, target, and direction of the attacks. This infers a special focus on attacks that directly involve Virtual Machines (VMs) deployed in an IaaS cloud. In this paper, we classify attacks in IaaS cloud that can be investigated using VMI-based mechanisms. Virtual Machine Introspection (VMI) has been proven to be an effective tool for malware detection and analysis in virtualized environments. Studies have been motivated by the risks, threats and vulnerabilities imposed by the components within the environment and have provided general classifications of related attacks, as well as the respective detection and mitigation mechanisms. In the last few years, research has been motivated to provide a categorization and classification of security concerns accompanying the growing adaptation of Infrastructure as a Service (IaaS) clouds.
0 kommentar(er)
