Title :
Cloud Computing: Insider Attacks on Virtual Machines during Migration
Author :
Duncan, A. ; Creese, Sadie ; Goldsmith, Michael ; Quinton, Jamie S.
Author_Institution :
Dept. of Comput. Sci., Univ. Of Oxford, Oxford, UK
Abstract :
The use of Virtual Machines (VMs) and Infrastructure-as-a-Service (IaaS) has risen dramatically and, according to Gartner, is set to continue rising with a compound annual growth rate predicted to be 41.7% over the four years to 2016. By using Cloud providers, organisations are reducing their capital expenditure on hardware, software and support, however, these same organisations are putting a great deal of trust in the provider offering a safe and secure platform for their data and resources. One of the biggest benefits of IaaS to the customer is the rapid elasticity of their provision. This elasticity can require relocation of a VM from one physical machine and / or one hypervisor to another. Whilst such migration is transparent and potentially seamless, it may also introduce vulnerability. We explore here the potential for a malicious insider to exploit vulnerabilities associated with mobile VMs to obtain large volumes of cloud-user data, and consider the possibility of detecting such attacks using current digital forensics and systems administration techniques.
Keywords :
cloud computing; invasive software; virtual machines; IaaS; cloud computing; cloud-user data; digital forensics; hypervisor; infrastructure-as-a-service; insider attacks; mobile VM; physical machine; systems administration techniques; virtual machines; Monitoring; Security; Servers; Universal Serial Bus; Vectors; Virtual machine monitors; Virtual machining; Hostile VM Capture; Insider Attack; Malicious Insider; Packet Sniffing; Unauthorised Cloning; VMWare; VMotion;
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on
Conference_Location :
Melbourne, VIC
DOI :
10.1109/TrustCom.2013.62
