An outline of various attacks and defining ways to ensure cloud security

Abstract

The paper incorporates an outline of ways in which cloud can be secured. First of all, the concept of data wiping has been outlined. It has been understood that data wiping is vital for removing unwanted data from the system of the organizations. Following that, the significance of cloud-based providers in mitigating the DDoS attack has been highlighted as well. The hyperjacking attacks on VMs are a threat, and it has been explored in the paper. Lastly, guest-hoping attacks have been discussed in detail.

Introduction

Cloud computing mainly refers to data centers that users can get access to via the internet. The user does not have any direct engagement. The services are available on-demand, and it mainly secures computing power or data storage. In this paper, the concepts associated with cloud computing shall be explored. The local servers or any personal device is not used for handling applications. The system depends on shared resources. For instance, the data wiping process, hyperjacking attacks, and guest hoping attacks shall be defined and discussed. Each of these concepts is vital because organizations deal with huge volumes of data that requires safeguarding.

Definition and discussion on data wiping process

In the computing devices, information is stored in a manner that it can serve processing purposes. Data is vital in computing. Data mainly involves figures and facts associated with company financials and information about employees. However, wiping or cleaning often becomes a necessity because an organization must get rid of useless data. The process of data wiping must be delicately handled. The purpose of data wiping is to make data incapable of reading (Pecherle et al., 2010). Nevertheless, data is not completely removed from the system. The process mainly includes data overwriting so that the previous data seems unreadable. The data wiping process is done on a hard drive. The process ensures data protection, and the company can reuse the previous hard drive. Overwriting is done so that the old data can be protected from further damage (Wright, Kleiman & RS, 2008). The old data remains hidden behind the new data.

The process can be divided into various types. However, the most common types are single pass, seven pass, three pass overwrite, and lastly, secure erase. Each of the mentioned types is self-explanatory in nature. For instance, in the case of single pass overwrite, data should be written only once. Overwriting is regulated by HIPAA guidelines. The organization is supposed to follow the guidelines and implement the necessary changes. Data Wiping is beneficial because the technique is cost-effective, and companies can quickly get rid of unwanted data. There is no need to purchase new hard drives. Consequently, it saves the additional costs of the company.

Ways in which cloud-based solution provider reduces risks associated with DDoS attack

In case of any significant DDoS or Distributed Denial of Service Attack, the cybersecurity of the entire organization is affected. A major DDoS attack disrupts the connectivity and network services. A single system is attacked using various malware-infected systems. The cloud computing providers can provide refuge to the organizations vulnerable to a DDoS attack. Recently, WikiLeaks has taken the help of the Amazon cloud in order to secure itself from the attacks. Similar organizations can turn to cloud computing as a reaction to an attack. Cloud computing providers can be useful because it can provide additional horsepower so that the assaults can be outlived. The service providers have managed to be on the top list of organizations that are in search of a survival strategy. For instance, it reduces the risks of DDoS attacks by offering elasticity. An organization is supposed to adapt and meet the expanding needs of an ever growing IT environment. The cloud successfully eliminates worries of the organization, and it reduces the risks of information saturation. However, the solutions are often costly, and the providers themselves might be at risk because more and more applications, websites, and data are being moved to a cloud-based environment. The proxy can easily target the solution providers. DDoS mitigation works with the help of cloud-based solutions because it adequately identifies the traffic patterns within the network system. Alerting systems are used to trigger alerts. The mitigation approach works with the help of Prolexic, Verisign, and Incapsula solutions (Vines & Krutz, 2010). These solutions can analyze and detect the systems if the chances of malicious attacks are suspected.

Definition and discussion on hyperjacking attacks

Hyperjacking is a type of attack in which the hackers take control over a hypervisor. The hypervisor develops a virtual environment inside a virtual machine or VM. The purpose of hyperjacking is to attack the OS or operating system. The OS is below the VMs, and this ensures the smooth running of the attacker’s program. The malicious or, in other words, fake hypervisor is installed, and it manages the server system of the organization. It is challenging to ensure the safety of the server using common security measures because the OS is not aware of the presence of the malicious hypervisor (Kendall, 1999). In the case of hyperajacking, the hypervisor operates behind the machine and usually in a stealth mode. The operations of the firm are compromised, and it is challenging to detect the hypervisor. In case, the hacker has access to the hypervisor, everything within the system can be manipulated. The sensitive information cannot be protected, and hyperjacking means “single point of failure.”

Definition and discussion on guest hoping attacks

A guest-hopping attack mainly involves an attacker whose sole purpose is to identify two VMs or virtual machines. These VMs is expected to be hosted on a similar physical hardware (Rakotondravony et al., 2017). It is assumed that the motive of the attacker is to steal data that is available on the VMs. The hacker might be incapable of penetrating the first VM, and therefore, it tries to penetrate the second VM. Ultimately it would have access to the first VM after gaining access to the second VM. Hence, the term “guest hopping” is relevant in this case. Guest hoping is alternatively known as VM hyper jumping. The weaknesses of a hypervisor can be exploited, and the vulnerability of the VM allows the access of a malicious attacker. Other hosts or VMs are attacked in this manner, and the process is easy because the host VM is less secure and easily targeted. Spreading across a range of networks is possible as well. Usually, the attacks are most likely to occur because organizations might use older Windows versions. These are less likely to support the modern requirements and security features. Poisoned cookies, along with hardened stack, must be prevented, and prevention requires the usage of modern-day security measures. Lastly, attackers often overload switches, and it pushes data pockets out of ports. The attacks can be prevented by separating or grouping uplinks from database traffic and web-facing traffic. The organization can also use private VLANs so that original VMs can be hidden. This in turn, would allow only the guest machines to interact with the gateway. Again, it would be beneficial to use the secure and latest OS that contains up-to-date features along with security patches.

Conclusion

The paper has been written by considering the ways in which cloud can be secured. A brief discussion on a range of topics associated with cloud computing has been undertaken. At first, the data wiping process has been discussed, and the organizational benefits have been outlined. Following that, the risks associated with a DDoS attack have been stated, and ways in which cloud centric solutions can mitigate DDoS attacks have been discussed. The hyperjacking attacks in a cloud environment have been highlighted, and the necessity of securing VMs was redefined. Lastly, the guest-hoping attacks were defined, and preventive measures were discussed.

References

Pecherle, G., Győrödi, C., Győrödi, R., & Andronic, B. (2010). Data wiping system with fully automated, hidden and remote destruction capabilities. Journal WSEAS TRANSACTIONS on COMPUTERS, 9(9), 939-948.

Wright, C., Kleiman, D., & RS, S. S. (2008, December). Overwriting hard drive data: The great wiping controversy. In International Conference on Information Systems Security (pp. 243-257). Springer, Berlin, Heidelberg.

Vines, R. L. K. R. D., & Krutz, R. L. (2010). Cloud security: A comprehensive guide to secure cloud computing (pp. 35-41). Wiley Publishing, Inc.

Rakotondravony, N., Taubmann, B., Mandarawi, W., Weishäupl, E., Xu, P., Kolosnjaji, B., … & Reiser, H. P. (2017). Classifying malware attacks in IaaS cloud environments. Journal of Cloud Computing, 6(1), 26.

Kendall, K. K. R. (1999). A database of computer attacks for the evaluation of intrusion detection systems (Doctoral dissertation, Massachusetts Institute of Technology).