Logging Solutions to Mitigate Risks Associated with Threats in Infrastructure as a Service Cloud

Cloud computing offers computational resources such as processing, networking, and storage to customers. However, the cloud also brings security concerns that affect both cloud consumers and providers. The Cloud Security Alliance (CSA) defines these security concerns as the seven main threats. This paper investigates how threat number one (malicious activities performed in consumers' virtual machines/VMs) can affect the security of both consumers and providers. It proposes logging solutions to mitigate risks associated with this threat. We systematically design and implement a prototype of the proposed logging solutions in an IaaS to record the history of customer VMs' files. The proposed system can be modified to record VMs' process behaviour log files. These log files can assist in identifying malicious activities (spamming) performed in the VMs, as an example of how the proposed solutions benefit the provider side. The proposed system can record the log files while having a smaller trusted computing base compared to previous work. Thus, the logging solutions in this paper can assist in mitigating risks associated with the CSA threats to benefit consumers and providers.
