Cloud computing is one of the most important newer developments in the information systems.The primary concern that
gets the organizations to adopt the Cloud Computing technology is cost reduction through optimized and proficient processing, however, there are different vulnerabilities and dangers in Cloud Computing that influence its security.
ATTACKS ON CLOUD COMPUTING WITH COUNTERMEASURES:
By exploring vulnerabilities in Cloud, an adversary can launch the following attacks:
CLOUD ZOMBIE ATTACK :
Zombie attack is one of the advanced attacks in Cloud Computing environment which degrades the performance and throughput of the network.
Through the Internet, an attacker tries to surge the casualty by sending demands from innocent hosts in the network. These types of hosts are called zombies. Zombie is used by malicious users to launch DOS or DOS attacks. This type of attack interrupts the normal behavior of Cloud affecting the availability of Cloud services.
The solutions of Cloud Zombie Attack :
- Firewall – Firewall can be used to allow or deny access to the requests.
- Intrusion detection system and intrusion prevention system.
- Better authentication and authorization.
- The combination of DOS attack detection, classification of traffic and response tools.
CLOUD MALWARE INJECTION ATTACK :
In this type of attack, the attacker attempts to inject an implementation of a malicious service or virtual machine into the Cloud. If the attacker is successful, then the Cloud will suffer from eavesdropping.
The purpose of malware Cloud could be anything that the adversary is interested in – possibly data modification, full functionality change or blocking.
Among all of the malware injection attacks, SQL injection attack and cross-site scripting attack are the two most common forms.
The solution of Cloud Malware Injection Attack :
For this purpose, we need to deploy a Hypervisor in the provider’s end. This Hypervisor will be considered the most secure and sophisticated part of the cloud system whose security cannot be breached by any means. The Hypervisor is responsible for scheduling all the instances, but before scheduling, it will check the integrity of the instance from the FAT table of the customer’s VM.
In the next post, we’ll discuss Distributed Denial of Service Attack on Cloud Computing.