TY - GEN

T1 - AttackDive

T2 - Diving Deep into the Cloud Ecosystem to Explore Attack Surfaces

AU - Manzoor, S.

AU - Luna, J.

AU - Suri, Neeraj

A2 - X., Liu

A2 - U., Bellur

PY - 2017/6/25

Y1 - 2017/6/25

N2 - A multitude of issues affect the broader adoption of Cloud computing, with security arguably being amongst the most significant. To address security concerns, the process of threat analysis is advocated to assess potential attacks that can undermine the security goals. However, conducting threat analysis for the Cloud is a non-Trivial task given the plethora of attack surfaces entailed in the multiple layers of the operational stack and the resource/customer interfaces. Consequently, contemporary Cloud threat analyses approaches primarily focus on specific services/layers without analyzing the malicious behaviors over the complete multi-layered Cloud ecosystem. Hence, the need is of a comprehensive Cloud threat analysis approach that can (a) analyze the spectrum of malicious behaviors stemming from the vulnerable service interactions across the multi-level operational stack, and (b) correspondingly enumerate the attack surface exploitability by varied types of attackers. We achieve such a holistic Cloud threat analysis via a novel multi-level modeling of Cloud operations to obtain a comprehensive behavioral profile of its underlying services. Our proposed approach, using Petri Nets, targets the identification of core operational states to enumerate the normal sequence of Cloud operations along with the triggers that provide the state transitions. The obtained states transition enumerate comprehensive multi-level state space baseline of 'normal' sequences and also constitutes to identify multi-level vulnerabilities not recognizable by the traditional single-level threat analysis. © 2017 IEEE.

AB - A multitude of issues affect the broader adoption of Cloud computing, with security arguably being amongst the most significant. To address security concerns, the process of threat analysis is advocated to assess potential attacks that can undermine the security goals. However, conducting threat analysis for the Cloud is a non-Trivial task given the plethora of attack surfaces entailed in the multiple layers of the operational stack and the resource/customer interfaces. Consequently, contemporary Cloud threat analyses approaches primarily focus on specific services/layers without analyzing the malicious behaviors over the complete multi-layered Cloud ecosystem. Hence, the need is of a comprehensive Cloud threat analysis approach that can (a) analyze the spectrum of malicious behaviors stemming from the vulnerable service interactions across the multi-level operational stack, and (b) correspondingly enumerate the attack surface exploitability by varied types of attackers. We achieve such a holistic Cloud threat analysis via a novel multi-level modeling of Cloud operations to obtain a comprehensive behavioral profile of its underlying services. Our proposed approach, using Petri Nets, targets the identification of core operational states to enumerate the normal sequence of Cloud operations along with the triggers that provide the state transitions. The obtained states transition enumerate comprehensive multi-level state space baseline of 'normal' sequences and also constitutes to identify multi-level vulnerabilities not recognizable by the traditional single-level threat analysis. © 2017 IEEE.

KW - Cloud security

KW - Cloud threat analysis

KW - Petri Nets

KW - Ecosystems

KW - Petri nets

KW - Behavioral profiles

KW - Cloud securities

KW - Malicious behavior

KW - Non-trivial tasks

KW - Operational state

KW - Service interaction

KW - State transitions

KW - Threat analysis

KW - Ecology

U2 - 10.1109/SCC.2017.74

DO - 10.1109/SCC.2017.74

M3 - Conference contribution/Paper

SN - 9781538620069

SP - 499

EP - 502

BT - 2017 IEEE International Conference on Services Computing (SCC)

PB - IEEE

ER -