Review of data leakage attack techniques in cloud systems
Manipulating and delivering data in heterogeneous environments such as those underlying cloud systems is a critical task because of confidentiality issues. Cloud technology remains vulnerable to data leakage attacks due to its applications in gathering information about multiple independent entities (e.g. end users and VMs) and sharing cloud resources. Furthermore, the number of threats are increased when the cloud users are using cloud computing services compared to PC users, due to loss of control, privacy and outsourced data storage. Consequently, hackers exploit security vulnerabilities to launch attacks to take advantage of sensitive data such as secret keys. When data is manipulated and shared between different parties in cloud systems, it will be vulnerable to threats in cloud systems. This chapter explores data vulnerability throughout its life cycle to categorise existing data leakage attack techniques in terms of where they can be implemented and what can be stolen in this untrusted environment, and also classifies data leakage attack techniques according to the type of data, such as files and secret keys. Furthermore, this study explores core technologies upon which cloud computing is built, such as the web, virtualisation and cryptography, and their vulnerabilities prone to such attacks. We also propose existing data leakage detection and protection techniques to mitigate and alleviate such attacks.
Review of data leakage attack techniques in cloud systems, Page 1 of 2
< Previous page Next page > /docserver/preview/fulltext/books/sc/pbse007e/PBSE007E_ch9-1.gif /docserver/preview/fulltext/books/sc/pbse007e/PBSE007E_ch9-2.gif