    Security event correlation approach for cloud computing

    Cloud computing is a new business model, which represents an opportunity for users, companies, and public organisations to reduce costs and increase efficiency, as well as an alternative way for providing services and resources. In this pay-by-use model, security plays a key role. Cyber attacks are a serious danger, which can compromise the quality of the service delivered to the customers, as well as the costs of the provided cloud resources and services. In this paper, a hybrid and hierarchical event correlation approach for intrusion detection in cloud computing is presented. It consists of detecting intrusion symptoms by collecting diverse information at several cloud architectural levels, using distributed security probes, as well as performing complex event analysis based on a complex event processing engine. The escalation process from intrusion symptoms to the identified cause and target of the intrusion is driven by a knowledge-base represented by an ontology. A prototype implementation of the proposed intrusion detection solution is also presented

    Could emerging fraudulent energy consumption attacks make the cloud infrastructure costs unsustainable?

    Cloud paradigm is vulnerable to emerging breeds of fraudulent energy-related threats, which seek to exploit the cloud elasticity and the multi-tenant model. Recently, several sophisticated attacks have been reported by the cloud customers, which induced sustained and prolonged fraudulent resource consumptions, making the cloud costs unsustainable. If properly orchestrated, such attacks can also significantly affect the cloud service providers, forcing a frequent scaling and migration of virtual machines in the cloud. Such attacks aim at exploiting the elasticity and multi-tenancy of the cloud paradigm, in order to compromise the long-term financial viability of operating in the cloud, and thus, inflicting significant energy cost and loss of reputation to the cloud provider. This paper discusses the vulnerabilities associated with such a new breed of attacks, paying special emphasis to the risks for the cloud service providers. Practical experiments and simulations have been used to demonstrate the vulnerability of the cloud resource manager against emerging energy-related threats, named Fraudulent Energy Consumption attacks. Finally, some countermeasures are also discussed.

    Calibration-less Indoor Location Systems Based on Wireless Sensors

    In case of a crisis event, it is the responsibility of public and government authorities to manage the response operations. Positioning is a crucial task when managing an emergency, which aims at estimating the positions of the first responders that act on the crisis site. On the other hand, the radio-based positioning solutions require a process of site survey, in which radio signatures have to be collected and stored in a radio map for further comparison and matching. Site survey involves intensive manual effort and time, which is not feasible during the crisis event. This paper proposes an approach for rapid site survey of the considered area. A specific tool has been developed to draw the site topography and to define the radio map generated by the wireless sensors located in the considered area, by using an accurate signal attenuation model. Experiment results show that the proposed solution can achieve a position accuracy that can be considered acceptable in the context of the rescuers localization even without a site survey activity.

    Stealthy Denial of Service Strategy in Cloud Computing

    The success of the Cloud Computing paradigm is due to its on-demand, self-service, and pay-by-use nature. According to this paradigm, the effects of Denial of Service (DoS) attacks involve not only the quality of the delivered service, but also the service maintenance costs in terms of resource consumption. Specifically, the longer the detection delay is, the higher the costs to be incurred. Therefore, particular attention has to be paid to stealthy DoS attacks. They aim at minimizing their visibility, and at the same time, they can be as harmful as the brute-force attacks. They are sophisticated attacks tailored to leverage the worst-case performance of the target system through specific periodic, pulsing, and low-rate traffic patterns. In this paper, we propose a strategy to orchestrate stealthy attack patterns, which exhibit a slowly-increasing-intensity trend designed to inflict the maximum financial cost to the cloud customer, while respecting the job size and the service arrival rate imposed by the detection mechanisms. We describe both how to apply the proposed strategy, and its effects on the target system deployed in the cloud.

    Introducing fraudulent energy consumption in cloud infrastructures: A new generation of denial-of-service attacks

    Currently, cloud computing is the target business environment for many enterprises and government organizations. However, despite the huge potential gains that can be achieved, security represents a fundamental issue, which prevents the massive cloud adoption in mission-critical Information Technology sectors. The most common security issues are amplified in the cloud environment since new complex features, with their inherent weaknesses, enter into the problem space, particularly those associated to multitenancy and elasticity. Thus, new threats, such as the energy-related denial-of-service attacks against large-scale cloud infrastructures, may involve not only the quality of the delivered services but also their operational costs in terms of energy bill. The longer is the time necessary to identify such attacks, the heavier is the impact on the overall energy consumption and, consequently, on the associated expenses. This work presents a detailed analysis of such new sophisticated menaces, by focusing on those that are specifically tailored to originate the worst-case energy demands by leveraging properly crafted low-rate traffic patterns in order to ensure stealth operations. We present some strategies exploiting the cloud flexibility in order to increase in a fraudulent way the overall energy consumption and analyze their impact within large-scale cloud infrastructures. This should help cloud providers in understanding such weaknesses and highlighting their root causes, as well as in providing some hints on how they can counter these subtle security issues

    Intrusion Tolerance as a Service: A SLA-Based Solution

    Among the incredible number of challenges in Cloud Computing, two of them are considered of great relevance: Service Level Agreement management and Security management. In this paper we will try to show how it is possible, using a cloud-oriented API derived from the mOSAIC project, to build up an SLA-oriented cloud application which enables the delivery of security solutions as a service. We will focus on intrusion tolerance solutions, i.e., systems which grant that a system maintains a (limited) availability even when a security attack takes place.

    CIPRNet training lecture: Hybrid simulation of distributed large-scale critical infrastructures

    Modern critical infrastructures represent the pivotal assets upon which the current society greatly relies to support welfare, economy, and quality of life. Nowadays, the trend is to re-organize these infrastructures by applying a System of Systems concept, where the sparse islands are progressively interconnected by means of proper middleware solutions through local or wide-area networks. The huge complexity of such systems makes the integration task among components extremely challenging. Indeed, it may introduce unexpected system behaviors, mainly affecting dependability and performance, that usually become evident only during systems operations and, in particular, in presence of stress or unexpected conditions. Additionally, as they cannot be detected earlier, these problems require complex on-site operations resulting in increased maintenance costs and overspending in terms of personnel resources. A promising way to cope with these new complex systems and to reduce maintenance costs is to reproduce such distributed systems locally, and let them run prior to the actual execution on-site, in order to get knowledge about their real behavior and define mitigation means and improvement actions. On the other hand, the evaluation of these systems requires sophisticated modeling, simulation, and experimentation infrastructure, which needs the integration of existing simulation environments, real sub-systems, and experimental platforms, which have to interact in a coordinated way. Therefore, hybrid and distributed simulation strategies, supported by novel technologies for resources virtualization and working environment reproduction, represent the most promising way to define the needed strategies to actually support such complex paradigms [1,2].

    Achieving Security by Intrusion-Tolerance Based on Event Correlation

    Despite the increased focus on security, complex networked systems remain vulnerable to attacks. Intrusion Tolerance is an emerging paradigm for developing systems, which continue to operate correctly, and provide acceptable services even in the face of an intrusion. The effectiveness of this approach is strongly dependent on the efficiency of the adopted detection and diagnosis mechanisms. In this work, we propose an architectural framework, which collects information at several architectural levels, using multiple security probes, which are deployed as a distributed architecture, to perform event correlation and diagnosis analysis of intrusion symptoms. The experimental results show that the use of different security information sources can improve the detection and the diagnosis of attack

    Welcome Message from SecureSysCom 2016 International Workshop Organizers

    Welcome to the 2nd International Workshop on Security and Privacy in Systems and Communication Networks (SecureSysCom-2016), held in conjunction with the 8th International Conference on Intelligent Networking and Collaborative Systems (INCoS-2016), VSB Technical University of Ostrava, Czech Republic, during 7-9 September, 2016. Modern society witnesses a growing pervasiveness of sophisticated computer-based systems and increasingly performant communication networks, whose influence in daily life is huge. Complexity, heterogeneity, scale and interdependence shown by such systems are a source of potential vulnerabilities and threats. The Workshop seeks submissions from academia and industry presenting novel research on theoretical and practical aspects of data protection, privacy, security, and cryptography. Papers describing new methods or technologies, advanced prototypes, systems, tools and techniques and general survey papers indicating future directions are also encouraged.