Abstract
Security adversaries are always constantly looking for targets to exploit. The mechanism of exploitation used by security adversaries varies significantly. Many focus on easy compromises as mere pivots to extend their attacks from these exploited systems to continue accomplishing their original goals. The cloud environment is a highly susceptible target for adversaries and provides a solid mechanism for observing adversary behavior. The sheer volume of attacks on the cloud provides insights into the attacker’s objectives and attack patterns, which can be leveraged for protecting infrastructure. This work deep dives into the practices used by adversaries on the commonly exposed protocols in the Amazon Web Services (AWS), Microsoft Azure (Azure), Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI) platforms. A robust honeypot model is documented that compares attacker behavior across various ports and protocols running in multiple cloud environments. This work illustrates that adversary activity is highly versatile in the public cloud environment, with an average of 700 new and unique IP addresses found attacking honeypot infrastructure daily. Further, this article illustrates the security safeguards a typical organization can leverage to mitigate the threats from these adversaries constantly probing insecure targets on the cloud platform.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
