Proactive Measures on Account Hijacking in Cloud Computing Network
DOI:
https://doi.org/10.51983/ajcst-2015.4.2.1753Keywords:
Cloud computing, cloud security, threats, attacksAbstract
The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: amongst these security and trust issues, the user’s data has to be released to the cloud and thus leaves the protection sphere of the data owner. This paper focuses on various security issues arising from the usage of cloud services and especially hijacking of account/service the user of cloud computing arena. It also discusses basic proactive measures that can be taken to prevent or in other words minimize to the stealing of the user account details and services.
References
NIST Computer Security Resource Center, "Cloud Computing," http://www.csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt.
Ariel Silverstone, "Cloud Computing Security," http://arielsilverstone.com/category/cloud-computingsecurity/.
Denial of Service, http://en.wikipedia.org/wiki/Denial-of-service_attack.
M. Kazim and S. Y. Zhu, "A survey on top security threats in cloud computing," IJASCSA, International Journal of Advanced Computer Science and Application, vol. 6, no. 3, 2015.
Zeus Botnet, http://en.wikipedia.org/wiki/Zeus_(trojan_horse).
Y. Cheng, Y. Du, J. Xu, and C. Yuan, "Cloud Computing and Intelligent Systems (CCIS)," 2012 IEEE 2nd International Conference on (Volume:01), Oct. 30-Nov. 1, 2012, pp. 459-465.
P. Wang, W.-H. Lin, and P.-T. Kuo, "Computing Technology and Information Management (ICCM)," 2012 8th International conference, IEEE conference, Vol.1, 24-26 April 2012, pp. 106-111.
M. D. Ernst, "Static and Dynamic Analysis: Synergy and Duality," In Proceedings of the Program Analysis for Software Tools and Engineering (PASTE 2004) Workshop, pp. 24–27, June 2004.
P. Oehlert, "Violating Assumptions with Fuzzing," IEEE Security & Privacy, pp. 58-62, March/April 2005.
T. Moore and R. Clayton, "Examining the impact of website take-down on phishing," In Anti-Phishing Working Group eCrime Researcher’s Processeslaws_blog/AWS_Security_Whitepaper Summit (APWG eCrime), pp. 1–13, ACM Press, New York, 2007.
Hypervisor, http://en.wikipedia.org/wiki/Hypervisor.
M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, "On Technical Security Issues in Cloud Computing," IEEE International Conference on cloud computing, 2009.
"Securing Microsoft’s Cloud Infrastructure," http://www.globalfoundationservices.com/security/documents/SecuringtheMSCloudMay09.pdf.
"Amazon Web Services: Overview of Security Processes," aws_blog/AWS_Security_Whitepaper2008_09.pdf.
"Amazon uses HackAlert™," http://malwareinfocom/mal_faq_hackalert.html.
ENISA, "Cloud Computing - Benefits, risks and recommendations for information security," November 09.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2015 The Research Publication
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
