Atjaunināt sīkdatņu piekrišanu

E-grāmata: Cloud Security: Attacks, Techniques, Tools, and Challenges [Taylor & Francis e-book]

(Graphic Era Univ. Uttarakhand), (MNIT Jaipur), (Graphic Era Uni. Uttarakhand)
  • Formāts: 216 pages, 7 Tables, black and white; 53 Line drawings, black and white; 7 Halftones, black and white; 60 Illustrations, black and white
  • Izdošanas datums: 28-Dec-2021
  • Izdevniecība: Chapman & Hall/CRC
  • ISBN-13: 9781003004486
Citas grāmatas par šo tēmu:
  • Taylor & Francis e-book
  • Cena: 177,87 €*
  • * this price gives unlimited concurrent access for unlimited time
  • Standarta cena: 254,10 €
  • Ietaupiet 30%
Cloud Security: Attacks, Techniques, Tools, and ChallengesPalielināt
  • Formāts: 216 pages, 7 Tables, black and white; 53 Line drawings, black and white; 7 Halftones, black and white; 60 Illustrations, black and white
  • Izdošanas datums: 28-Dec-2021
  • Izdevniecība: Chapman & Hall/CRC
  • ISBN-13: 9781003004486
Citas grāmatas par šo tēmu:
Taylor & Francis e-booksMore info about Taylor & Francis e-books
Rokasgrāmatas mājas lapa: https://www.taylorfrancis.com/books/9781003004486
Cloud computing has gained paramount attention and most of the companies are adopting this new paradigm and gaining significant benefits. As number of applications and business operations are being facilitated by the cloud computing paradigm, it has become the potential target to attackers. The importance of well-organized architecture and security roles have become greater with the growing popularity.

Cloud Security: Attacks, Techniques, Tools, and Challenges, provides an in-depth technical description about various key essential aspects of cloud security. We have endeavored to provide a technical foundation that will be practically useful not just for students and independent researchers but also for professional cloud security analysts for conducting security procedures, and all those who are curious in the field of cloud security

The book offers comprehensive coverage of the most essential topics, including:











Basic fundamentals of Cloud Computing





Cloud security concepts, vulnerabilities, security standards and reference models





Cloud security goals, key issues and privacy requirements





Threat model, detailed taxonomy of cloud attacks, Attack feature analysis case study





A detailed taxonomy of IDS techniques and Cloud Intrusion Detection Systems (IDS)





Attack and security tools, LibVMI case study





Advanced approaches: Virtual Machine Introspection (VMI) and Hypervisor Introspection (HVI)





Container security: threat model, attacks and defense systems

This book is intended for both academic and professional audience. It could also be used as a textbook, for a semester course at undergraduate and post graduate level in Computer Science, Information Technology, Information Security, and Information Science & Management. The book serves as basic reference volume for researchers in cloud security. It will be useful to practitioners, cloud security team, and the cloud security auditor as well. To get the most out of this book, the reader should have a working knowledge of various operating system environments, hypervisors, cloud computing fundamentals, programming languages like Python and a working knowledge of security tools.
Preface xiii
Acknowledgment xvii
List of Figures
xix
List of Tables
xxiii
Author Bios xxv
I Fundamentals: Cloud Computing and Security
1(72)
1 Introduction to Cloud Computing
3(22)
1.1 Introduction
3(3)
1.2 History and Underlying Technologies
6(5)
1.2.1 Mainframe computing
7(1)
1.2.2 Cluster computing
7(1)
1.2.3 Grid computing
8(1)
1.2.4 Distributed and parallel computing
9(1)
1.2.5 Virtualization
9(1)
1.2.6 Web 2.0
9(1)
1.2.7 Service-oriented computing (SOC)
10(1)
1.2.8 Utility computing
10(1)
1.3 Definitions and Characteristics
11(1)
1.4 Cloud Service Models
12(2)
1.4.1 Software-as-a-service (SaaS)
13(1)
1.4.2 Platform-as-a-service (PaaS)
13(1)
1.4.3 Infrastructure-as-a-service (IaaS)
13(1)
1.5 Cloud Deployment Models
14(3)
1.5.1 Private cloud
14(1)
1.5.2 Public cloud
15(1)
1.5.3 Community cloud
16(1)
1.5.4 Hybrid cloud
16(1)
1.6 Cloud Service Platforms
17(2)
1.6.1 Amazon web service (AWS)
17(1)
1.6.2 Microsoft azure
17(1)
1.6.3 Google cloud platform
17(1)
1.6.4 IBM cloud
18(1)
1.6.5 Adobe creative cloud
18(1)
1.6.6 Kamatera
18(1)
1.6.7 VMware
19(1)
1.6.8 Rackspace
19(1)
1.7 Challenges Ahead
19(2)
1.7.1 Virtual machine migration
19(1)
1.7.2 Interoperability and standards
20(1)
1.7.3 Security and privacy
20(1)
1.7.4 Energy management
21(1)
1.7.5 Accessibility issues
21(1)
1.8 Conclusion
21(1)
1.9 Questions
22(3)
2 Introduction to Cloud Security
25(24)
2.1 Introduction
25(6)
2.1.1 Vulnerabilities present in cloud
27(2)
2.1.2 Need of cloud security
29(2)
2.2 Cloud Security Concepts
31(3)
2.2.1 Multi-tenancy
31(1)
2.2.2 Virtualization
32(1)
2.2.3 Data outsourcing
33(1)
2.2.4 Trust management
33(1)
2.2.5 Metadata security
34(1)
2.3 Cloud Security Standards
34(3)
2.3.1 Information technology infrastructure library (ITIL)
34(1)
2.3.2 Control objectives for information and related technology (COBIT)
35(1)
2.3.3 ISO/IEC 20000
36(1)
2.3.4 Statement on standards for attestation engagement (SSAE)
36(1)
2.3.5 Cloud security alliance (CSA) cloud controls matrix
36(1)
2.4 CSA Cloud Reference Model
37(3)
2.5 NIST Cloud Reference Model
40(6)
2.5.1 Architectural components of consumer
40(3)
2.5.2 Architectural components of CSP
43(1)
2.5.3 Architectural components of broker
44(1)
2.5.4 Architectural components of carrier
45(1)
2.5.5 Architectural components of auditor
45(1)
2.6 Conclusion
46(1)
2.7 Questions
46(3)
3 Cloud Security and Privacy Issues
49(24)
3.1 Introduction
49(2)
3.2 Cloud Security Goals/Concepts
51(3)
3.2.1 Confidentiality
51(1)
3.2.2 Integrity
52(1)
3.2.3 Availability
52(1)
3.2.4 Authentication
53(1)
3.2.5 Authorization
53(1)
3.2.6 Auditing
53(1)
3.2.7 Access control
54(1)
3.3 Cloud Security Issues
54(8)
3.3.1 Application level security issues
55(1)
3.3.2 Network level security issues
56(1)
3.3.3 Virtualization level security issues
57(1)
3.3.4 Data security
57(1)
3.3.5 Identity management and access control
58(1)
3.3.6 Improper cryptographic keys management
59(1)
3.3.7 Service level agreement (SLA)
60(1)
3.3.8 Regular audit and compliances
60(1)
3.3.9 Cloud and CSP migration, SLA and trust level issues
61(1)
3.3.10 Hardware-level security issues
62(1)
3.4 Security Requirements for Privacy
62(5)
3.4.1 Fine-grained access control
66(1)
3.4.2 Privacy-preserving
66(1)
3.4.3 Collision resistance
66(1)
3.5 Privacy Issues in Cloud
67(4)
3.5.1 Defining roles to actors
67(1)
3.5.2 Compliance
68(1)
3.5.3 Legal issues and multi-location issues
68(1)
3.5.4 Privacy issues on CIA
69(1)
3.5.5 Protection of the data
69(1)
3.5.6 User control lacking
69(1)
3.5.7 Data movement
70(1)
3.6 Conclusion
71(1)
3.7 Questions
71(2)
II Threat Model, Attacks, Defense Systems, and Security Techniques
73(58)
4 Threat Model and Cloud Attacks
75(18)
4.1 Introduction
75(1)
4.2 Threat Model
76(5)
4.2.1 Type of attack entities
76(2)
4.2.2 Attack surfaces with attack scenarios
78(3)
4.3 A Taxonomy of Attacks
81(5)
4.3.1 VMAT: Virtual machines-level attacks
81(2)
4.3.2 VMMAT: Virtual machine monitor-level attacks
83(1)
4.3.3 HWAT: Peripheral-level attacks
83(1)
4.3.4 VSWAT: Virtual storage-level attacks
84(1)
4.3.5 TENAT: Tenant network-level attacks
85(1)
4.4 Case Study: Description of Features for Attack Analysis Based on Dataset
86(5)
4.4.1 Fuzzers
86(2)
4.4.2 Analysis
88(1)
4.4.3 Backdoor
88(1)
4.4.4 Exploits
88(1)
4.4.5 Generic
89(1)
4.4.6 Reconnaissance
89(1)
4.4.7 Shellcode
90(1)
4.4.8 Worms
90(1)
4.5 Conclusion
91(1)
4.6 Questions
91(2)
5 Classification of Intrusion Detection Systems in Cloud
93(16)
5.1 Introduction
93(1)
5.2 TVM-based Intrusion Detection System
94(3)
5.3 Hypervisor-based Intrusion Detection System
97(1)
5.4 Network-based Intrusion Detection System
98(3)
5.5 Distributed Intrusion Detection System
101(2)
5.6 Research Challenges
103(3)
5.7 Conclusion
106(1)
5.8 Questions
106(3)
6 Intrusion Detection Techniques in Cloud
109(22)
6.1 Introduction
109(2)
6.2 Taxonomy of IDS Techniques
111(17)
6.2.1 Misuse detection techniques
111(4)
6.2.2 Anomaly detection techniques
115(6)
6.2.3 Virtual machine introspection (VMI) techniques
121(1)
6.2.4 Hypervisor introspection-based techniques
122(1)
6.2.5 Hybrid techniques
123(5)
6.3 Conclusion
128(1)
6.4 Questions
128(3)
III Tools and Advances
131(58)
7 Overview of Tools (Attack/Security) in Cloud
133(20)
7.1 Introduction
133(2)
7.2 Attack Tools
135(5)
7.2.1 Network-level attack tools
135(3)
7.2.2 VM-level attack tools
138(1)
7.2.3 VMM attack tools
139(1)
7.3 Security Tools
140(6)
7.3.1 Network security tools
141(1)
7.3.2 VM security tool
142(2)
7.3.3 VMM security tools
144(2)
7.4 Case Study of LibVMI: A Virtualziation-Specific Tool
146(5)
7.4.1 Check the system configurations
146(1)
7.4.2 Install KVM and necessary dependencies
146(1)
7.4.3 Creating a virtual machine
147(1)
7.4.4 Install LibVMI tool and necessary dependencies
148(3)
7.5 Conclusion
151(1)
7.6 Questions
151(2)
8 Virtual Machine Introspection and Hypervisor Introspection
153(18)
8.1 Introduction
153(1)
8.2 Virtual Machine Introspection (VMI)
154(9)
8.2.1 VM hook based
154(1)
8.2.2 VM-state information based
155(2)
8.2.3 Hypercall verification based
157(2)
8.2.4 Guest OS kernel debugging based
159(1)
8.2.5 VM interrupt analysis based
160(3)
8.3 Hypervisor Introspection (HVI)
163(6)
8.3.1 Nested virtualization
163(2)
8.3.2 Code integrity checking using hardware-support
165(2)
8.3.3 Memory integrity checking using hardware/software support
167(1)
8.3.4 Revisiting the VMM design
167(2)
8.3.5 VM-assisted hypervisor introspection
169(1)
8.4 Conclusion
169(1)
8.5 Questions
169(2)
9 Container Security
171(18)
9.1 Introduction
171(2)
9.2 Threat Model in Containerized Environment
173(4)
9.2.1 Attacks in containers
175(2)
9.3 Defense Mechanisms
177(2)
9.4 Case Study on SQL Injection Attack in Containers
179(6)
9.4.1 Part-A-test bed set up
180(4)
9.4.2 PART B: Attacking launching and malicious logs extraction
184(1)
9.5 Open Research Challenges for Container Security
185(1)
9.6 Conclusion
186(1)
9.7 Questions
187(2)
Bibliography 189(22)
Index 211
Preeti Mishra is currently working as an Assistant Professor in the Department of Computer Science in Doon University, Dehradun, UK, India which is a State Government University. Earlier, she was associated with Graphic Era Deemed to be University Dehradun. She has 10+ years teaching and research experience. She received her Ph. D. degree in the field of Cloud Security from Malaviya National Institute of Technology Jaipur, India under the supervision of Dr. Emmanuel S. Pilli and Prof. Vijay Varadharajan (2017). She is a B. Tech and M. Tech Gold Medalist. She has published various SCI/SCIE indexed reputed International Journals and reputed conference papers in the area of security and privacy. Some of her key research publications have been published in IEEE Transaction on Cloud Computing (with IF 5.720), IEEE Communication Surveys and Tutorials (with IF 25.249), IEEE Transactions on Industrial Informatics (IF: 9+) etc. as main author. She has also published several publications in reputed international conferences. She worked as a visiting scholar in Macquarie University Sydney under Prof. Vijay Varadharajan in 2015 and has been awarded a fellowship, administered by the Department Administrators in Department of Computing, Macquarie University, Sydney. She has also been awarded by Graphic Era Deemed to be University Dehradun for outstanding contribution in research. Her research proposal, valued more than 20 lakhs got approved by SERB-DST, Govt. of India in the area of Cloud Security. Her area of interest includes Cloud Security, E-mail Security and Network Security, Internet of Things, Blockchain, Cyber Security, Mobile Security, Adversarial Machine Learning etc. She is currently serving as a Lead Guest Editor in IEEE Transaction on Industrial Informatics (TII).

Emmanuel S. Pilli received his Ph.D. from IIT, Roorkee (2012) and is currently an Associate Professor and Head of Dept. of CSE in Malaviya National Institute of Technology, Jaipur, India. Pilli Emmanuel Shubhakar has 21 years of teaching, research and administrative experience. He completed a research project "Investigating the Source of Spoofed E- mails" from UCOST, Dehradun in 2016. He has coauthored a book "Fundamentals of Network Forensics - A Research Perspective" for Springer in 2016. A total of 4 students have been awarded PhD under his supervision and 12 Ph. D students are pursuing their research. He is Senior Member of both IEEE and ACM. His areas of interest include Security and Forensics, Cloud Computing, Big Data, IoT, Darkweb, and Blockchain etc. He is member of Cloud Computing Innovation Council of India (CCICI) and Forensic Science Workgroup on Cloud Computing of the NIST, USA.

Dr. R.C. Joshi Former Prof. E. & C.E. Department at IIT Roorkee and Chancellor at Graphic Era University Dehradun, received his B.E degree from NIT Allahabad in1967, M.E.1st Div. with Honors and Ph.D Degree from Roorkee University, now IIT Roorkee, in 1970 & 1980 respectively. He worked as a Lecturer in J.K Institute, Allahabad University during 1967-68.He joined Roorkee University in 1970 as Lecturer, became Reader in 1980 and Prof. in 1987. He had been Head of Electronics & Computer Engineering from Jan 1991-1994 & Jan. 1997 to Dec. 1999. He was also the Head of Institute Computer Centre, IIT Roorkee from March 1994 to Dec. 2005.He was on short visiting Professor's Assignment in University of Cincinnati, USA. University of Minnesota, U.S.A & Macquarie University Sydney Australia also visited France under Indo-France collaboration program during June 78 to Nov. 79. Dr. Joshi has guided 27 Ph.Ds, 250 M.Tech, Dissertation, 75 B.E Projects. He had taught more than 25 subjects in Computer Engineering, Electronics Engineering & Information Technology. He has worked as a Principal Investigator in number of Sponsored Projects of Ministry of Information & Communication Technology, DRDO, AICTE, UNDP, ISEA etc.
Permanent link: https://www.kriso.lv/db/9781003004486_pe.html
Keywords: