Abstract
In the last few years, research has been motivated to provide a categorization and classification of security concerns accompanying the growing adaptation of Infrastructure as a Service (IaaS) clouds. Studies have been motivated by the risks, threats and vulnerabilities imposed by the components within the environment and have provided general classifications of related attacks, as well as the respective detection and mitigation mechanisms. Virtual Machine Introspection (VMI) has been proven to be an effective tool for malware detection and analysis in virtualized environments. In this paper, we classify attacks in IaaS cloud that can be investigated using VMI-based mechanisms. This infers a special focus on attacks that directly involve Virtual Machines (VMs) deployed in an IaaS cloud. Our classification methodology takes into consideration the source, target, and direction of the attacks. As each actor in a cloud environment can be both source and target of attacks, the classification provides any cloud actor the necessary knowledge of the different attacks by which it can threaten or be threatened, and consequently deploy adapted VMI-based monitoring architectures. To highlight the relevance of attacks, we provide a statistical analysis of the reported vulnerabilities exploited by the classified attacks and their financial impact on actual business processes.
Highlights
The cloud computing market continues to grow with spendings on public Infrastructure as a Service (IaaS) clouds having reached 38 billion U.S dollars in 2016 [1]
Our objective is to help a user of IaaS to have a general understanding of relevant security aspects and purpose of the attacks threatening his infrastructure, so that adequate Virtual Machine Introspection (VMI)-based mitigation mechanisms can be designed
Attacks characteristics Our classification focuses on attacks which directly involve Virtual Machines (VMs) as source and target
Summary
The cloud computing market continues to grow with spendings on public IaaS clouds having reached 38 billion U.S dollars in 2016 [1]. Many publications such as [3] have presented comprehensive analysis of security threats, vulnerabilities, example incidents, and countermeasures in IaaS cloud. While such reports provide a good overview on the wide range of potential problems, few publications focus in-depth on the problem of malware in the context of IaaS environments and virtualization technology. In the VMI approach, the security monitoring software is isolated from the monitored guest VMs [4] This isolation ensures both stealthiness and higher integrity of the diagnosis, which encourages practitioners to bring VMI capabilities into IaaS Cloud [5]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
