Abstract:
Enterprises continuously seek innovative approaches to reduce operational
computing costs while getting the most from their resources. Cloud Computing
infrastructures are the latest technological advancement with the potential
to maximize resource utilization while reducing costs.
The new paradigm of Cloud Computing poses severe security risks to
its adopters due to the distributed nature of Cloud Computing environments,
which makes them a rich target for malicious individuals. Cloud infrastructure
commonly relies on virtualization. The virtualization techniques used in the Cloud
are subject to numerous security threats and attacks. In order to cope with these
risks, appropriate taxonomies and classification criteria for attacks on Cloud
Computing are required. On the other hand, Cloud Consumers run numerous
applications/scripts in order to complete their computing tasks. Most of them
are too complex and complicated to trust. Even with access to the source code,
it is difficult to reason about the security of these applications. They might
harbor malicious code such as computer viruses, worms, bots, Trojan horses
and spyware, or contain bugs that are exploitable by carefully crafted input.
It is essential that instead of just relying on conventional defense techniques,
the next generation of system software must be designed from the ground-up
to provide stronger isolation of services running on computer systems.
To address the above-described security threats to Cloud Instances, we
propose an architecture for a confined execution environment to test untrusted
applications/scripts inside Cloud Instances. Modern-day security researchers
consider malware sandbox analysis one of the promising approaches for
exploring malware. But most of the previously proposed solutions have various
security vulnerabilities due to the way they have been implemented and
the technologies that have been used in the implementation. The proposed
architecture and proof-of-concept implementation address all the discovered
drawbacks of previously presented sandbox solutions. We monitor all the system
calls that are executed by the adversary to confine the adversary and limit
the damage an attacker can cause to the Cloud Instance.
The research work related to the proposed sandbox architecture has been
tested through LangshaJail, which is the proof-of-concept, built for the Cloud
Instances, using the latest open source technologies, which include Linux as the
Operating System Environment, Linux Resource Containers (LXC) as the
virtualization environment and Seccomp as the system call filtering technology.
The LangshaJail system was tested for compliance with Cloud Computing security
objectives and adherence to performance criteria in order to validate the
design approaches and implementation mechanisms used in the research.
Further, as part of this thesis, we present a taxonomy based on the
notion of attack surfaces of virtualization for Infrastructure-as-a-Service-based
Cloud offerings, thus making them more concrete and improving their analysis.
The presented taxonomy specifically addresses attacks based on residues of Cloud
Instances. These residue-based attacks are new avenues for attackers that have
previously not been addressed.