Abstract: We extensively review the literature on MITM to analyze and categorize the scope of MITM attacks, considering both a reference model, such as the Open Systems Interconnection (OSI) model, as well as two specific widely used network technologies, i.e., GSM and UMTS. In particular, we classify MITM attacks based on several parameters, like location of an attacker in the network, nature of a communication channel, and impersonation techniques. Based on an impersonation techniques classification, we then provide execution steps for each MITM class. We survey existing countermeasures and discuss the comparison among them. Finally, based on our analysis, we propose a categorization of MITM prevention mechanisms, and we identify some …
In traditional data centers, where system administrators have full control over the host machines, vulnerabilities can be detected and patched by the system administrator in a centralized manner. However, patching known security holes in cloud data centers, where cloud users usually have the privilege to control software installed on their managed VMs, may not work effectively and can violate the Service Level Agreement (SLA). Furthermore, cloud users can install vulnerable software on their VMs, which essentially contributes to loopholes in cloud security. The challenge is to establish an effective vulnerability/attack detection and response system for accurately identifying attacks and minimizing the impact of security breaches on cloud users. In [2], M. Armbrust et al. noted that protecting "Business continuity and services availability" from service outages is one of the top concerns in cloud computing systems. In a cloud system where the infrastructure is shared by potentially millions of users, abuse and nefarious use of the shared infrastructure helps attackers exploit vulnerabilities of the cloud and use its resources to deploy attacks in more efficient ways [3]. Such attacks are more effective in the cloud environment
The security concerns for the IaaS and PaaS models are described collectively because of their reliance on each other. The attacks on these two layers are of three types: attacks on the cloud services, attacks on virtualization, and attacks on utility computing. Hardware virtualization, software virtualization, cloud software, utility computing, and the Service Level Agreement (SLA) are considered some of the common security concerns for IaaS and PaaS.
Organizations use the Cloud in a variety of different service models (SaaS, PaaS, IaaS) and deployment models (Private, Public, Hybrid). There are a number of security issues/concerns associated with cloud computing but these issues fall into two broad categories: Security issues faced by cloud providers (organizations providing software-, platform-, or infrastructure-as-a-service via the cloud) and security issues faced by their customers. In most cases, the provider must ensure that their infrastructure is secure and that their clients' data and applications are protected while the customer must ensure that the provider has taken the proper security measures to protect their information.
While there have been some high-profile cloud-based outages, in many cases, cloud-based services are more reliable, affordable, and secure than on-site data centers. A cloud provider has the expertise and resources to build a more secure, resilient, and reliable data center than a typical small- or medium-sized business. For example, InfoSystems offers production-ready cloud solutions with a baseline Tier 3 data center, a higher-level SLA than large-scale providers, and a hands-on approach to cloud migration.
Regard for cloud computing is on the rise due to its ability to improve flexibility, expand access to data, and lower costs. Cloud computing relieves organizations of the need to acquire and maintain their own hardware and software infrastructure (Leavitt et al., 2009). On the other hand, while there is much noise being made about the benefits of cloud computing, questions have been raised about whether cloud computing is safe, especially when it comes to its privacy, security, and reliability. The purpose of this paper is to discuss the different general controls and audit approaches for software and architecture, cloud computing, service-oriented architecture, and virtualization. This paper gives a summary analysis of the recent research that is available. Additionally, risks and vulnerabilities associated with public clouds, private clouds, and hybrids have also been researched. Within the research conducted, there are important examples provided. Recommendations are given on how organizations could mitigate these risks and vulnerabilities. Based on the results of the analysis, the risks and vulnerabilities, and the mitigation controls, this paper also outlines a list of IT audit tasks that focus on a cloud computing environment.
Traditionally, IT (Information Technology) security focused on securing the IT assets within the organization's IT framework. However, with the advent of smart mobile devices, cloud computing, and remote connectivity, the IT landscape has changed dramatically in the last few decades. With these changes, the frequency of attacks by cyber criminals has increased as well. We constantly hear news reports of large-scale cyber attacks targeting financial, government and healthcare organizations. Moreover, the types of attacks have evolved to become more sophisticated and untraceable, making it difficult for security analysts to keep up with the ever-changing technological demands to successfully prevent, analyze and thwart security attacks. This has now led many security experts to believe that having an effective defense mechanism in place is a much more viable option than being reactive to threats. This also makes sense from a business perspective. Companies want their IT investments to further their business goals and not to be constrained too much by focusing heavily on IT security, which could potentially lead to an increase in operational costs to tackle security issues.
security risk management and solutions within cloud computing should be studied very well and in wide range to address these
Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available: Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts costs, it leaves organizations victim to the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come
Threats to data center systems have never been higher. In 2016, more than 4.2 billion records were exposed through data breaches. The threat landscape has
At the innermost implementation layer, there is the infrastructure-as-a-service (IaaS) model, which is extended to form the platform-as-a-service (PaaS) layer by adding OS and middleware support. PaaS further extends to the software-as-a-service (SaaS) model by applications on data, content, and metadata created using special APIs. SaaS demands all protection functions at all levels. At the other extreme, IaaS demands protection mainly at the networking, trusted computing, and compute/storage levels, whereas PaaS embodies the IaaS support plus additional protection at the resource-management level.
According to [3], users of cloud computing services face many security risks; to handle these hazards, the possible types of attacks must be categorized so that solutions can be found [4]. The author has proposed the idea of the attacks possible in cloud computing. Organizations provide cloud services according to the cloud computing categorization. Cloud computing is still not mature in terms of security, and most researchers in the published literature have focused on security and new categorizations of the attack surface. The paper focused on the initial attacks and hacking efforts linked to cloud computing organizations and their systems. In cloud computing, there are three different contributor classes: the user, the cloud, and the service. Two contributors must be involved in any communication. Attacks can be launched on any of these three contributors during communication. The contributor classes must be secured with a security interface or a channel between the communicating parties, which depends on the service model that the cloud has, such as IaaS, PaaS, or SaaS.
For example, Facebook and Google Docs are systems that store data in the cloud (Demir 2012, 31), and users do not have total control or knowledge of where or how long the data is stored. The second category of risk, traditional security threats, is the one to which most systems are subject, and in cloud systems the consequences reach a larger number of users (Marinescu 2013, p. 274). Generally, traditional security threats are related to disorder in the system integrity that can occur through intentional attacks, such as phishing, SQL insertion, and cross-site scripting (NIST 2012; Marinescu 2013, p. 274). One example of this type of attack is the one that occurred at Akamai in 2004 that affected Google, Yahoo and other major companies (Marinescu 2013, p. 15). The last classification of risk, system availability, can be caused by unexpected events such as system failures and power outages; for instance, the interruption of Amazon servers in 2009 that was caused by lightning (Marinescu 2013, p. 15). Cloud systems are vulnerable to a series of different risks, and a trustworthy system should be able to avoid and rapidly recover from these failures.
Today, cyber threats are becoming progressively more sophisticated, and attackers are harder to detect. What was once a seemingly straightforward safeguard using antivirus, antispam, and firewalls has now grown into insidious and continuous system attacks. Within any enterprise, data is the forefront of its commercial capital, and any loss, reputation, or breach can result in catastrophic budgetary overhead. Organizations oftentimes ponder over lucrative security investments; sadly, these are the result of reactive rather than proactive measures. Attackers are fiercely penetrating enterprise networks, infrastructures, computers, and physical systems.
tion. Therefore, Man-In-The-Middle (MITM) attacks that need to target specific IP address(es) and other types of attacks against a node's privacy can occur. In this paper a new version of MTM6D (MTM6D II) is presented to resolve the above shortcomings. Furthermore, a suggestion is proposed to prevent black hole attacks, as a part of DoS attacks (in which a compromised router on the path between two hosts discards packets instead of forwarding them) and bandwidth depletion DDoS attacks (that only need the subnet ID instead of the exact IPv6 address of a target).
We assume that the public cloud infrastructure provides proper security and data backup solutions with a Service Level Agreement (SLA) and mechanisms to fairly share its virtual resources among all its running VMs. The last few years have witnessed the emergence of cloud computing as a rapid, limitlessly scalable, and cost-efficient alternative in contrast to the in-house data centers. The IaaS model delegates more control to the customers over the provisioned resources. Hosting Internet applications in the IaaS environment is an efficient way to start a new and a sustainable business that expands the IT infrastructure gradually with the business growth.
The paper ‘Log file's centralization to improve cloud security’ proposes a centralized, secure and comprehensive architecture for log-based analysis for cloud computing platforms [3]. It suggests using the logs generated by the cloud as a result of the different activities performed, defining policies for which log files should be kept and which must be transferred, and reporting attacks and threats based on the analysis of these logs. Algorithms like map-reduce are applied, which can report patterns that can lead to attacks based on comparison with the stored values. The policies are updated based on new findings during the analysis of the log files.