Magnets to Adversaries—An Analysis of the Attacks on Public Cloud Servers-Reference-Cited by-同舟云学术

Magnets to Adversaries—An Analysis of the Attacks on Public Cloud Servers

Published:2023-11-01 Issue:21 Volume:12 Page:4493
ISSN:2079-9292
Container-title:Electronics
language:en
Short-container-title:Electronics

Author:

Lanka Phani¹,Varol Cihan¹^ORCID,Burns Kirk¹,Shashidhar Narasimha¹^ORCID

Affiliation:

1. Department of Computer Science, Sam Houston State University, Huntsville, TX 77341, USA

Abstract

Security adversaries are always constantly looking for targets to exploit. The mechanism of exploitation used by security adversaries varies significantly. Many focus on easy compromises as mere pivots to extend their attacks from these exploited systems to continue accomplishing their original goals. The cloud environment is a highly susceptible target for adversaries and provides a solid mechanism for observing adversary behavior. The sheer volume of attacks on the cloud provides insights into the attacker’s objectives and attack patterns, which can be leveraged for protecting infrastructure. This work deep dives into the practices used by adversaries on the commonly exposed protocols in the Amazon Web Services (AWS), Microsoft Azure (Azure), Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI) platforms. A robust honeypot model is documented that compares attacker behavior across various ports and protocols running in multiple cloud environments. This work illustrates that adversary activity is highly versatile in the public cloud environment, with an average of 700 new and unique IP addresses found attacking honeypot infrastructure daily. Further, this article illustrates the security safeguards a typical organization can leverage to mitigate the threats from these adversaries constantly probing insecure targets on the cloud platform.

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering

Link

https://www.mdpi.com/2079-9292/12/21/4493/pdf

Reference26 articles.

1. (2023, October 24). Gartner Forecasts Worldwide Public Cloud End-User Spending to Grow 23% in 2021. Available online: https://www.gartner.com/en/newsroom/press-releases/2021-04-21-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-grow-23-percent-in-2021.

2. (2023, October 24). Shared Responsibility Model—Amazon Web Services (AWS). Available online: https://aws.amazon.com/compliance/shared-responsibility-model/.

3. (2023, October 24). 2021 Cloud Misconfigurations Report. Available online: https://www.rapid7.com/c/cloud-misconfigurations-2021/.

4. (2023, October 24). 2023 Cloud Security Study—The Challenges of Data Security and Sovereignty in a Multicloud World. Available online: https://cpl.thalesgroup.com/sites/default/files/content/CLOUD_AMI_pages/2023/2023-cloud-security-study-global-edition.pdf.

5. (2023, October 24). WKLD.06—Use Systems Manager instead of SSH or RDP. Available online: https://docs.aws.amazon.com/prescriptive-guidance/latest/aws-startup-security-baseline/wkld-06.html.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Intelligent Threat Detection—AI-Driven Analysis of Honeypot Data to Counter Cyber Threats;Electronics;2024-06-24