Visible to the public Biblio

Filters: Keyword is cloud vulnerabilities  [Clear All Filters]
2020-08-28
Mishra, Narendra, Singh, R K.  2019.  Taxonomy Analysis of Cloud Computing Vulnerabilities through Attack Vector, CVSS and Complexity Parameter. 2019 International Conference on Issues and Challenges in Intelligent Computing Techniques (ICICT). 1:1—8.

The world is witnessing an exceptional expansion in the cloud enabled services which is further growing day by day due to advancement & requirement of technology. However, the identification of vulnerabilities & its exploitation in the cloud computing will always be the major challenge and concern for any cloud computing system. To understand the challenges and its consequences and further provide mitigation techniques for the vulnerabilities, the identification of cloud specific vulnerabilities needs to be examined first and after identification of vulnerabilities a detailed taxonomy must be positioned. In this paper several cloud specific identified vulnerabilities have been studied which is listed by the NVD, ENISA CSA etc accordingly a unified taxonomy for security vulnerabilities has been prepared. In this paper we proposed a comprehensive taxonomy for cloud specific vulnerabilities on the basis of several parameters like attack vector, CVSS score, complexity etc which will be further act as input for the analysis and mitigation of cloud vulnerabilities. Scheming of Taxonomy of vulnerabilities is an effective way for cloud administrators, cloud mangers, cloud consumers and other stakeholders for identifying, understanding and addressing security risks.

2017-12-28
Ouffoué, G., Ortiz, A. M., Cavalli, A. R., Mallouli, W., Domingo-Ferrer, J., Sánchez, D., Zaidi, F..  2016.  Intrusion Detection and Attack Tolerance for Cloud Environments: The CLARUS Approach. 2016 IEEE 36th International Conference on Distributed Computing Systems Workshops (ICDCSW). :61–66.

The cloud has become an established and widespread paradigm. This success is due to the gain of flexibility and savings provided by this technology. However, the main obstacle to full cloud adoption is security. The cloud, as many other systems taking advantage of the Internet, is also facing threats that compromise data confidentiality and availability. In addition, new cloud-specific attacks have emerged and current intrusion detection and prevention mechanisms are not enough to protect the complex infrastructure of the cloud from these vulnerabilities. Furthermore, one of the promises of the cloud is the Quality of Service (QoS) by continuous delivery, which must be ensured even in case of intrusion. This work presents an overview of the main cloud vulnerabilities, along with the solutions proposed in the context of the H2020 CLARUS project in terms of monitoring techniques for intrusion detection and prevention, including attack-tolerance mechanisms.