Systematic identification of threats in the cloud: A survey

Hong, Jin B.; Nhlabatsi, Armstrong; Kim, Dong-Seong; Hussein, Alaa; Fetais, Noora; Khan, Khaled M.

doi:10.1016/j.comnet.2018.12.009

Cited by 45 publications

(25 citation statements)

References 87 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Though the above questions have not been addressed by existing studies, there have instead been varying opinions regarding effective threat modelling methods for cloud computing [6], [14], [26]- [29]. Additionally, threat modeling methods are being used in their isolated ways in threat modeling healthcare systems.…”

Section: Scope Research Problem and Contributionmentioning

confidence: 99%

“…Institutions which require temporal resources such as storage, processing and development platforms can also leverage on the capabilities of cloud computing. In addition to the lower costs, the tenants of the cloud service companies could benefit from scalability, business continuity, collaboration efficiency, flexibility and strategic values [5], [6]. Based on perceived demand for cloud-based systems, IBM and Active Health Management developed "Collaborative Care Solution" which was implemented in 2010 to support medical staff in accessing healthcare data from different sources [1].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Comparative Analysis of Threat Modeling Methods for Cloud Computing towards Healthcare Security Practice

Yeng¹,

Wolthusen²,

Yang³

2020

IJACSA

View full text Add to dashboard Cite

Healthcare organizations consist of unique activities including collaborating on patients care and emergency care. The sector also accumulates high sensitive multifaceted patients' data such as text reports, radiology images and pathological slides. The large volume of the data is often stored as Electronic Health Records (EHR) which must be frequently updated while ensuring higher percentage up-time for constant availability of patients' records. Healthcare as a critical infrastructure also needs highly skilled IT personnel, Information and Communication Technology (ICT) and infrastructure with regular maintenance culture. Fortunately, cloud computing can provide these necessary services at a lower cost. But with all thees enormous benefits of cloud computing, it is characterized with various information security issues which is not enticing to healthcare. Amid many threat modelling methods, which of them is suitable for identifying cloud related threats towards the adoption of cloud computing for healthcare? This paper compared threat modelling methods to determine their suitability for identifying and managing healthcare related threats in cloud computing. Threat modelling in pervasive computing (TMP) was identified to be suitable and can be combined with Attack Tree (AT), Attack Graph (AG) and Practical Threat Analysis (PTA) or STRIDE (spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege). Also Attack Tree (AT) could be complemented with TMP, AG and STRIDE or PTA. Healthcare IT security professionals can hence rely on these methods in their security practices, to identify cloud related threats for healthcare. Essentially, privacy related threat modeling methods such as LINDDUN framework, need to be included in these synergy of cloud related threat modelling methods towards enhancing security and privacy for healthcare needs.

show abstract

Section: Scope Research Problem and Contributionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Comparative Analysis of Threat Modeling Methods for Cloud Computing towards Healthcare Security Practice

Yeng¹,

Wolthusen²,

Yang³

2020

IJACSA

View full text Add to dashboard Cite

show abstract

“…Some of these works, including [8][9][10][11][12][13], have offered comprehensive looks at a wide range of security and privacy issues pertaining to network, storage, infrastructure, and software aspects of the public Cloud. Other works have focused on more narrow topics and problems, including the problem of distributed denial of service (DDoS) attacks [14][15][16] and IP spoofing [17][18][19][20] in the public Cloud. Unfortunately, two commonly observed limitations of the existing studies on DDoS and IP spoofing in the public Cloud are (1) They are mostly theoretical works based on hypothetical assumptions.…”

Section: Related Literature and Significance Of This Studymentioning

confidence: 99%

IP Spoofing In and Out of the Public Cloud: From Policy to Practice

2019

View full text Add to dashboard Cite

In recent years, a trend that has been gaining particular popularity among cybercriminals is the use of public Cloud to orchestrate and launch distributed denial of service (DDoS) attacks. One of the suspected catalysts for this trend appears to be the increased tightening of regulations and controls against IP spoofing by world-wide Internet service providers (ISPs). Three main contributions of this paper are (1) For the first time in the research literature, we provide a comprehensive look at a number of possible attacks that involve the transmission of spoofed packets from or towards the virtual private servers hosted by a public Cloud provider. (2) We summarize the key findings of our research on the regulation of IP spoofing in the acceptable-use and term-of-service policies of 35 real-world Cloud providers. The findings reveal that in over 50% of cases, these policies make no explicit mention or prohibition of IP spoofing, thus failing to serve as a potential deterrent. (3) Finally, we describe the results of our experimental study on the actual practical feasibility of IP spoofing involving a select number of real-world Cloud providers. These results show that most of the tested public Cloud providers do a very good job of preventing (potential) hackers from using their virtual private servers to launch spoofed-IP campaigns on third-party targets. However, the same very own virtual private servers of these Cloud providers appear themselves vulnerable to a number of attacks that involve the use of spoofed IP packets and/or could be deployed as packet-reflectors in attacks on third party targets. We hope the paper serves as a call for awareness and action and motivates the public Cloud providers to deploy better techniques for detection and elimination of spoofed IP traffic.

show abstract

“…Cloud computing provides many beneficial factors over the traditional networks, which enhance the productivity and performance of enterprises and individuals [1], [2]. But at the same time, it faces many security challenges and threats, affecting the decisions of using the cloud computing services significantly [3]. That is, potential cloud users need to consider various security implications before migrating their data and operations to the cloud computing environment [4].…”

Section: Introductionmentioning

confidence: 99%

CloudSafe: A Tool for an Automated Security Analysis for Cloud Computing

Eom

Park

et al. 2019

2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International

Self Cite

View full text Add to dashboard Cite

Cloud computing has been adopted widely, providing on-demand computing resources to improve perfornance and reduce the operational costs. However, these new functionalities also bring new ways to exploit the cloud computing environment. To assess the security of the cloud, graphical security models can be used, such as Attack Graphs and Attack Trees. However, existing models do not consider all types of threats, and also automating the security assessment functions are difficult. In this paper, we propose a new security assessment tool for the cloud named CloudSafe, an automated security assessment for the cloud. The CloudSafe tool collates various tools and frameworks to automate the security assessment process. To demonstrate the applicability of the CloudSafe, we conducted security assessment in Amazon AWS, where our experimental results showed that we can effectively gather security information of the cloud and carry out security assessment to produce security reports. Users and cloud service providers can use the security report generated by the CloudSafe to understand the security posture of the cloud being used/provided.

show abstract

Systematic identification of threats in the cloud: A survey

Cited by 45 publications

References 87 publications

Comparative Analysis of Threat Modeling Methods for Cloud Computing towards Healthcare Security Practice

Comparative Analysis of Threat Modeling Methods for Cloud Computing towards Healthcare Security Practice

IP Spoofing In and Out of the Public Cloud: From Policy to Practice

CloudSafe: A Tool for an Automated Security Analysis for Cloud Computing

Contact Info

Product

Resources

About