Systematic identification of threats in the cloud: A Survey

Jin Bum Hong, Armstrong Nhlabatsi, Dong Seong Kim, Alaa Hussein, Noora Fetais, Khaled M.D. Khan

Research output: Contribution to journal (Article)

Abstract

When a vulnerability is discovered in a system, some key questions often asked by the security analyst are what threat(s) does it pose, what attacks may exploit it, and which parts of the system it affects. Answers to those questions provide the necessary information for the security assessment and to implement effective countermeasures. In the cloud, this problem is more challenging due to the dynamic characteristics, such as elasticity, virtualization, and migration - changing the attack surface over time. This survey explores threats to the cloud by investigating the linkages between threats, attacks and vulnerabilities, and proposes a method to identify threats systematically in the cloud using the threat classifications. First, we trace vulnerabilities to threats by relating vulnerabilities-to-attacks, and then relating attacks-to-threats. We have established the traceability through an extensive literature review and synthesis that resulted in a classification of attacks in the cloud, where we use the Microsoft STRIDE threat modeling approach as a guide for relating attacks to threats. Our approach is the genesis towards a concrete method for systematically identifying potential threats to assets provisioned and managed through the cloud. We demonstrate the approach through its application using a cloud deployment case study scenario. © 2018 Elsevier B.V.
Original language: English
Pages (from-to): 46-69
Journal: Computer Networks
Volume: 150
DOI: https://doi.org/10.1016/j.comnet.2018.12.009
Publication status: Published - 26 Feb 2019

Fingerprint

Elasticity
Virtualization

Cite this

Hong, J. B., Nhlabatsi, A., Kim, D. S., Hussein, A., Fetais, N., & Khan, K. M. D. (2019). Systematic identification of threats in the cloud: A Survey. Computer Networks, 150, 46-69. https://doi.org/10.1016/j.comnet.2018.12.009
Hong, Jin Bum ; Nhlabatsi, Armstrong ; Kim, Dong Seong ; Hussein, Alaa ; Fetais, Noora ; Khan, Khaled M.D. / Systematic identification of threats in the cloud: A Survey. In: Computer Networks. 2019 ; Vol. 150. pp. 46-69.
@article{8bdaa00537d84f289bb161e821dd9a19,
title = "Systematic identification of threats in the cloud: A Survey",
abstract = "When a vulnerability is discovered in a system, some key questions often asked by the security analyst are what threat(s) does it pose, what attacks may exploit it, and which parts of the system it affects. Answers to those questions provide the necessary information for the security assessment and to implement effective countermeasures. In the cloud, this problem is more challenging due to the dynamic characteristics, such as elasticity, virtualization, and migration - changing the attack surface over time. This survey explores threats to the cloud by investigating the linkages between threats, attacks and vulnerabilities, and proposes a method to identify threats systematically in the cloud using the threat classifications. First, we trace vulnerabilities to threats by relating vulnerabilities-to-attacks, and then relating attacks-to-threats. We have established the traceability through an extensive literature review and synthesis that resulted in a classification of attacks in the cloud, where we use the Microsoft STRIDE threat modeling approach as a guide for relating attacks to threats. Our approach is the genesis towards a concrete method for systematically identifying potential threats to assets provisioned and managed through the cloud. We demonstrate the approach through its application using a cloud deployment case study scenario. {\textcopyright} 2018 Elsevier B.V.",
author = "Hong, {Jin Bum} and Armstrong Nhlabatsi and Kim, {Dong Seong} and Alaa Hussein and Noora Fetais and Khan, {Khaled M.D.}",
year = "2019",
month = "2",
day = "26",
doi = "10.1016/j.comnet.2018.12.009",
language = "English",
volume = "150",
pages = "46--69",
journal = "Computer Networks",
issn = "0169-7552",
publisher = "Elsevier",

}
