论文信息 - A methodology for ranking cloud system vulnerabilities

A methodology for ranking cloud system vulnerabilities

Nowadays there is a high demand for security assurance within Cloud Computing world. To meet this demand, security practitioners attempt to assess security vulnerabilities that any given cloud system may have, however this task present some challenges when exposed to a complex cloud system. Different security tools have been developed to facilitate the vulnerabilities discovery process. In this paper we propose a new methodology for ranking cloud system vulnerabilities. We have designed and developed a working model. It starts with vulnerabilities discovery process from our custom cloud web application and ends up with a unified and simple view of ranked vulnerabilities mounted on each of the prioritized and generated attack paths.

[1] Jelena Mirkovic,et al. Testing a Collaborative DDoS Defense In a Red Team/Blue Team Exercise , 2008, IEEE Transactions on Computers.

[2] Jeannette M. Wing,et al. Tools for Generating and Analyzing Attack Graphs , 2003, FMCO.

[3] Sushil Jajodia,et al. An Attack Graph-Based Probabilistic Security Metric , 2008, DBSec.

[4] Dimitrios Pendarakis,et al. Security audits of multi-tier virtual infrastructures in public infrastructure clouds , 2010, CCSW '10.

[5] Karen Scarfone,et al. Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.

[6] Anoop Singhal,et al. VULCAN: Vulnerability Assessment Framework for Cloud Computing , 2013, 2013 IEEE 7th International Conference on Software Security and Reliability.

[7] Jeannette M. Wing,et al. Scenario graphs and attack graphs , 2004 .

[8] Richard Lippmann,et al. GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool , 2008, VizSEC.