An overview of insider attacks in cloud computing

Concurrency and Computation: Practice and Experience

Volumn 27, Issue 12, 2015, Pages 2964-2981

  Duncan, Adrian ^a   Creese, Sadie ^a   Goldsmith, Michael ^a  

^a UNIVERSITY OF OXFORD   (United Kingdom)

Author keywords

cloud computing; cloud computing security; insider attacks; insider threat; internal attacks

Indexed keywords

CLOUD COMPUTING; COST REDUCTION;

CARNEGIE MELLON UNIVERSITY; CLOUD COMPUTING SECURITIES; COMPUTER EMERGENCY RESPONSE TEAMS; EUROPEAN NETWORK AND INFORMATION SECURITY AGENCIES; INSIDER ATTACK; INSIDER THREAT; INTERNAL ATTACKS; UNIVERSITY OF WARWICK;

NETWORK SECURITY;

EID: 84937734714     PISSN: 15320626     EISSN: 15320634     Source Type: Journal    
DOI: 10.1002/cpe.3243     Document Type: Review

References (39)

1. Ponemon Institute. Security of cloud computing providers study. (Available from: http://www.ca.com/~/media/Files/IndustryResearch/security-of-cloud-computing-providers-final-april-2011.pdf) [Accessed on 2 August, 2011], April 2011.
2. Gartner. High-tech tuesday webinar: Gartner worldwide it spending forecast, 2q12 update: cloud is the silver lining. (Available from: http://www.gartner.com/resources/237700/237715/hightech-tuesday-webinar-gar-237715.pdf) [Accessed on 14 August, 2012], 1 August 2011.
3. Popov O,. Priorities for research on current and emerging network technologies, 2010.
4. Claycomb WR, Nicoll A,. Insider threats to cloud computing: directions for new research challenges. Technical Report, Carnegie Mellon University: CERT Program, 2012.
5. GoldsmithHopkins Auty, Creese. Threat vectors in clouds and cascade vulnerability effects. 13, May 2010.
6. Duncan AJ, Creese S, Goldsmith M,. Insider attacks in cloud computing. 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), IEEE, 2012; 857-862.
7. Schultz EE,. A framework for understanding and predicting insider attacks. Computers & Security 2002; 21 (6): 526-531.
8. Trzeciak RF, Cappelli DM,. Best practices for mitigating insider threat: lessons learned from 250 cases. (Available from: http://www.cert.org/archive/pdf/RSA-CERT-InsiderThreat.pdf) [Accessed on 14 September 2011], 23 April 2009.
9. Anderson RH, Brackney RC,. Understanding the insider threat. (Available from: http://www.rand.org/pubs/conf-proceedings/2005/RAND-CF196.pdf) [Accessed 17 September, 2011], March 2004.
10. Chu B,. Just how secure are police databases? (Available from: http://blogs.independent.co.uk/2011/07/13/just-how-secure-are-police-databases) [Accessed on 22 September 2011], 13, July 2011.
11. Siddle J,. Merseyside police officers used classified records illegally 208 times in three years. (Available from: http://www.liverpoolecho.co.uk/liverpool-news/local-news/2011/06/27/merseyside-police-officers-used-classified-records-illegally-208-times-in-three-years-100252-28946604/2/) [Accessed on 28 January, 2013], 2011.
12. Galpin R,. Death muddies greek spy probe. (Available from: http://news.bbc.co.uk/1/hi/world/europe/4838552.stm) [Accessed on 7 October 2011], 24, March 2006.
13. Kowalski E, Cappelli D, Moore A, Randazzo MR, Keeney M,. Insider threat study: illicit cyber activity in the banking and finance sector. (Available from: http://oai.dtic.mil/oai/oai?verb=getRecord&metadataPrefix=html&identifier=ADA441249) [Accessed on 7 October, 2011], June 2005.
14. Shaw ED,. The role of behavioral research and profiling in malicious cyber insider investigations. Digital Investigation 2006; 3 (1): 20-31.
15. Spitzner L,. Honeypots Tracking Hackers. Addison Wesley: Boston, 2002.
16. The Honeynet Project. Know Your Enemy: Learning About Security Threats. Addison Wesley: Boston, 2004.
17. National Institute of Standards and Technology (NIST). NIST special publication on intrusion detection systems. (Available from: http://handle.dtic.mil/100.2/ADA393326) [Accessed on 20 October, 2011], 2001.
18. Balamurugan M, Sri Chitra Poornima B,. Article: honeypot as a service in cloud. In IJCA Proceedings on International Conference on Web Services Computing (ICWSC). ICWSC(1). Foundation of Computer Science: New York, USA, 2011; 39-43.
19. Taylor J,. Sony hackers 'stole 2 million cards'. (Available from: http://www.independent.co.uk/news/uk/crime/sony-hackers-stole-2-million-cards-2276853.html) [Accessed on 2 August, 2011], 30, April 2011.
20. Goodin D,. Sony says data for 25 million more customers stolen. (Available from: http://www.theregister.co.uk/2011/05/03/sony-hack-exposes-more-customers) [Accessed on 2 August], 2011, 3, May 2011.
21. Hirai K,. Kazuo Hirais̈ letter to the U.S. house of representatives. (Available from: http://www.flickr.com/photos/playstationblog/5686965323/in/set-72157626521862165) [Accessed on 2 August, 2011], 4, May 2011.
22. Giani A, Berk VH, Cybenko GV,. Data exfiltration and covert channels. in Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense V, 2006.
23. Cloud security alliance. Security as a service working group. (Available from: https://wiki.cloudsecurityalliance.org/group9-wg/index.php/Main-Page) [Accessed on 29 January 2013], August 2011.
24. SANS Institute. Correlating SIM information to detect insider threats. (Available from: http://www.sans.org/reading-room/analysts-program/SIMInfo-June07.pdf) [Accessed on 22 August, 2011], June 2007.
25. Liu Y, Corbett C, Chiang K, Archibald R, Mukherjee B, Ghosal D,. SIDD: A framework for detecting sensitive data exfiltration by an insider attack. Hawaii International Conference on System Sciences 2009; 0: 1-10.
26. Assange J,. Wikileaks reveals secret files on all Guantánamo prisoners. (Available from: http://wikileaks.org/gitmo) [Accessed on 10 August 2011], April 2011.
27. Wallace R, Melton HK,. Spycraft. Transworld Publishers: London, 2009.
28. Simply safes. Decoy safes. (Available from: http://www.simplysafes.co.uk/decoy-safes-c-100-76.html) [Accessed on 18 August, 2011], August 2011.
29. Herald SM,. Fake security guards s̈teal close to 1 millionfrom Sydney bank. (Available from: http://www.smh.com.au/nsw/fake-security-guards-steal-close-to-1-million-from-sydney-bank-20100226-p7i3.html) [Accessed on 18 August, 2011], 26, February 2010.
30. Moskowitz R,. Hijinks on the high seas. (Available from: http://www.networkcomputing.com/1024/1024colmoskowitz.html) [Accessed on 16 January, 2012], 29, November 1999.
31. Bejtlich R,. Extrusion Detection: Security Monitoring for Internal Intrusions. Pearson Education: Boston, 2006. (Available from: http://books.google.co.uk/books?id=OURDZyTUFXwC) [Accessed on 16 January 2012].
32. Spitzner L,. Honeytokens: the other honeypot. (Available from: http://www.symantec.com/connect/articles/honeytokens-other-honeypot) [Accessed on 24 January, 2012], 17, July 2003.
33. Pike B,. How I learned to love big data-visualisation for high-throughput cyber analytics. Seminar, 19, October 2011.
34. Forensics Wiki. Prefetch. (Available from: http://www.forensicswiki.org/wiki/Prefetch) [Accessed on 27 January, 2012], 13, November 2011.
35. Parsonage H,. The meaning of linkfiles in forensic examinations. (Available from: http://computerforensics.parsonage.co.uk/downloads/TheMeaningofLIFE.pdf) [Accessed on 27 January], 2012, September 2008.
36. Galpin R,. Photorec. (Available from: http://www.cgsecurity.org/wiki/PhotoRec) [Accessed on 6 September 2012], 15, July 2011.
37. Hughes G, Coughlin T,. Tutorial on disk drive data sanitization. Online, 2006. (Available from: http://cmrr.ucsd.edu/people/Hughes/documents/DataSanitizationTutorial.pdf) [Accessed on 14 March 2014].
38. Heels E,. Is encryption the solution to cloud computing security and privacy? (Available from: http://www.cloudswitch.com/page/is-encryption-the-solution-to-cloud-computing-security-and-privacy) [Accessed on 27 January, 2012], 4, August 2011.
39. Oberheide J, Cooke E, Jahanian F,. Empirical exploitation of live virtual machine migration. Proceedings of BlackHat DC Convention, 2008. (Available from: https://www.blackhat.com/presentations/bh-dc-08/Oberheide/Whitepaper/bh-dc-08-oberheide-WP.pdf) [Accessed on 14 March 2014].