About being the Tortoise or the Hare? - A Position Paper on Making Cloud Applications too Fast and Furious for Attackers

Nane Kratzke

Abstract

Cloud applications expose - beside service endpoints - also potential or actual vulnerabilities. And attackers have several advantages on their side. They can select the weapons, the point of time and the point of attack. Very often cloud application security engineering efforts focus to harden the fortress walls but seldom assume that attacks may be successful. So, cloud applications rely on their defensive walls but seldom attack intruders actively. Biological systems are different. They accept that defensive "walls" can be breached at several layers and therefore make use of an active and adaptive defense system to attack potential intruders - an immune system. This position paper proposes such an immune system inspired approach to ensure that even undetected intruders can be purged out of cloud applications. This makes it much harder for intruders to maintain a presence on victim systems. Evaluation experiments with popular cloud service infrastructures (Amazon Web Services, Google Compute Engine, Azure and OpenStack) showed that this could minimize the undetected acting period of intruders down to minutes.

Download


Paper Citation


in Harvard Style

Kratzke N. (2018). About being the Tortoise or the Hare? - A Position Paper on Making Cloud Applications too Fast and Furious for Attackers.In Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-295-0, pages 465-472. DOI: 10.5220/0006735604650472


in Bibtex Style

@conference{closer18,
author={Nane Kratzke},
title={About being the Tortoise or the Hare? - A Position Paper on Making Cloud Applications too Fast and Furious for Attackers},
booktitle={Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2018},
pages={465-472},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006735604650472},
isbn={978-989-758-295-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - About being the Tortoise or the Hare? - A Position Paper on Making Cloud Applications too Fast and Furious for Attackers
SN - 978-989-758-295-0
AU - Kratzke N.
PY - 2018
SP - 465
EP - 472
DO - 10.5220/0006735604650472