Abstract
This chapter starts by discussing how cloud computing security is different from classical network security. The chapter mentions some threats and attacks that apply specifically to cloud computing. The chapter elaborates on most recent real-life attacks to cloud computing in the past few years. The chapter also explains the history of Denial of Service attacks along with other attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
R. Shirey, Rfc 2828: Internet security glossary, in The Internet Society (2000), p. 13
W. Stallings, Cryptography and Network Security, 4/E (Pearson Education, Upper Saddle River, 2006)
J. Idziorek, M. Tannian, D. Jacobson, Attribution of fraudulent resource consumption in the cloud, in Proceedings of the IEEE 5th International Conference on Cloud Computing (CLOUD), 2012, pp. 99–106
M.M. Alani, Manet security: a survey, in Proceedings of the IEEE International Conference on Control System, Computing and Engineering (ICCSCE), 2014, pp. 559–564
R.V. Deshmukh, K.K. Devadkar, Understanding ddos attack & its effect in cloud environment. Procedia Comput. Sci. 49, 202–210 (2015)
M.M. Alani, Guide to OSI and TCP/IP models (Springer, Berlin, 2014)
J. Graham-Cumming, Understanding and mitigating ntp-based ddos attacks, vol. 9 (Cloudflare Inc, California, 2014)
M. Prince, Technical details behind a 400gbps ntp amplification ddos attack, vol. 13 (Cloudflare Inc, California, 2014)
N. Gruschka, M. Jensen, Attack surfaces: a taxonomy for attacks on cloud services, in Proceedings of the IEEE 3rd International Conference on Cloud Computing, 2010, pp. 276–279
Tripadvisor: E-mail addresses stolen in data breach, http://www.cnet.com/news/tripadvisor-e-mail-addresses-stolen-in-data-breach/. Accessed 27 March 2016
6 worst data breaches of 2011, http://www.darkreading.com/attacks-and-breaches/6-worst-data-breaches-of-2011/d/d-id/1102001? Accessed 29 March 2016
The sony hack what happened, how did it happen.what did we learn? http://blogs.umb.edu/itnews/2015/01/06/the-sony-hack/. Accessed 29 March 2016
Nasdaq server breach: 3 expected findings, http://www.darkreading.com/attacks-and-breaches/nasdaq-server-breach-3-expected-findings/d/d-id/1100934? Accessed 29 March 2016
J. Hong, The state of phishing attacks. Commun. ACM 55(1), 74–81 (2012)
Data breach at ieee.org: 100k plaintext passwords, http://ieeelog.dragusin.ro/init/default/log. Accessed 29 March 2016
A. Logic, Cloud security report-spring 2014, 2014
J.-M. Brook, R. Brooks, A decade of lessons learned: Transforming the enterprise for todays cloud architecture, in Proceedings of the ICCSM2015 3rd International Conference on Cloud Security and Management: ICCSM2015, Academic Conferences and publishing limited, 2015, p. 16
Salesforce accounts susceptible to hijacking using xss flaw, https://www.elastica.net/salesforce-accounts-susceptible-to-hijacking-using-xss-flaw. Accessed 21 March 2016
M.S. Inci, B. Gulmezoglu, G. Irazoqui, T. Eisenbarth, B. Sunar, Seriously, get off my cloud! cross-vm rsa key recovery in a public cloud (Technical report, IACR Cryptology ePrint Archive, 2015)
N. Aviram, S. Schinzel, J. Somorovsky, N. Heninger, M. Dankel, J. Steube, L. Valenta, D. Adrian, J.A. Halderman, V. Dukhovni et al., Drown: Breaking tls using sslv2
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2016 The Author(s)
About this chapter
Cite this chapter
Alani, M.M. (2016). About Cloud Security. In: Elements of Cloud Computing Security. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-319-41411-9_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-41411-9_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-41410-2
Online ISBN: 978-3-319-41411-9
eBook Packages: Computer ScienceComputer Science (R0)