Vulnerability Assessment and Penetration Testing Approach Towards Cloud-Based Application and Related Services
DOI:
https://doi.org/10.32628/IJSRSET218346Keywords:
Data Breaches, Cloud Security, Cloud Vulnerability Assessment, Cloud Service Model Security Analysis.Abstract
Cloud solutions provide a powerful computing platform that enables individuals and Cloud users to perform a wide range of tasks, such as using an online storage system, implementing business applications, developing customized computer software, and establishing a realistic network environment. The number of people using cloud services has increased dramatically in recent years, and a massive amount of data has been stored in cloud computing environments. As a result, data breaches in cloud services are increasing year after year as a result of hackers who are constantly attempting to exploit cloud architecture's security vulnerabilities. In this paper, we investigate and analyse real-world cloud attacks in order to demonstrate the techniques used by hackers against cloud computing systems and how to prevent such malicious activities.
References
- Lo'ai, A. T., & Saldamli, G. (2019). Reconsidering big data security and privacy in cloud and mobile cloud systems. Journal of King Saud University-Computer and Information Sciences.
- Mosca, P., Zhang, Y., Xiao, Z., & Wang, Y. (2014). Cloud security: Services, risks, and a case study on amazon cloud services. Int'l J. of Communications, Network and System Sciences, 7(12), 529.
- Länger, T., Pöhls, H. C., & Ghernaouti, S. (2016, September). Selected cloud security patterns to improve end user security and privacy in public clouds. In Annual Privacy Forum (pp. 115-132). Springer, Cham.
- Raghavendra, G. S., D. R. N. S. Lakshmi, and S. Venkateswarlu. "Security issues and trends in cloud computing." International Journal of Computer Science and Information Technologies (IJCSIT) 6.2 (2015): 1156-1159.
- Singh, Jitendra. "Cyber-attacks in cloud computing: A case study." International Journal of Electronics and Information Engineering 1.2 (2014): 78-87.
- “Sony Still Digging Its Way Out of Breach Investigation, Fallout” https://www.darkreading.com/attacks-breaches/sony-still-digging-its-way-out-of-breach-investigation-fallout/d/d-id/1135653?
- "The NIST definition of cloud computing", Special Publication 800-145, National Institute of Standards and Technology, http://csrc.nist.gov/ publications/ PubsSPs.html#800145.
- Xiao, Z. and Xiao, Y. (2013) Security and Privacy in Cloud Computing. IEEE Communications Surveys & Tutorials, 15, 843-859.
- Alruwaili, Fahad F., and T. Aaron Gulliver. "Secure migration to compliant cloud services: A case study." Journal of information security and applications 38 (2018): 50-64.
- A. Hutchings, R. G. Smith, and L. James, “Criminals in the Cloud: Crime, Security Threats, and Prevention Measures,” in Cybercrime Risks and Responses, London: Palgrave Macmillan UK, 2015, pp. 146–162
- OWASP Cloud Security Project. Available online: https://owasp.org/www-project-cloud-security/
- Subramaniam, T. K., and B. Deepa. "Security attack issues and mitigation techniques in cloud computing environments." International Journal of UbiComp (IJU) 7.1 (2016).
- Lo'ai, A. Tawalbeh, and Gokay Saldamli. "Reconsidering big data security and privacy in cloud and mobile cloud systems." Journal of King Saud University-Computer and Information Sciences (2019).
- Li, Huan-Chung, et al. "Analysis on cloud-based security vulnerability assessment." 2010 IEEE 7th International Conference on E-Business Engineering. IEEE, 2010.
- Nabeel, K, Al-Yasiri A (2018) Cloud security threats and techniques to strengthen cloud computing adoption framework. In: Cyber security and threats: concepts, methodologies, tools, and applications. IGI Global, pp 268–285
Downloads
Published
Issue
Section
License
Copyright (c) IJSRSET
This work is licensed under a Creative Commons Attribution 4.0 International License.