• Corpus ID: 7450329

Crime in the Cloud: An Analysis of the Use of Cloud Services for Cybercrime

  title={Crime in the Cloud: An Analysis of the Use of Cloud Services for Cybercrime},
  author={Daan Kolthof},
With the rise of cloud computing services, cybercriminals discover new and improved ways of conducting cybercrime, using cloud services as their instrument of choice. This paper presents an overview of the misuse of cloud computing services for several malicious purposes, through a literature study and through studying real examples of misuse. Furthermore, a quantication of misuse of cloud services will be presented, for the specic case of email spam. Our study shows that there are major… 

Figures and Tables from this paper

Forensic Investigation Framework on Server Side of Private Cloud Computing

The results of the research conducted can be a reference for investigators to conduct forensic investigations in cloud computing on the server-side and the novel investigation framework will become a reference to be used as a guide to the investigation on private cloud computing in theServer-side.

Exploration of Security Challenges in Cloud Computing: Issues, Threats, and Attacks with their Alleviating Techniques

Cloud data security risks, cloud attacks, and identified vulnerabilities for different variables impacting cloud computing were presented in this study analysis.

Design and Validation of the Bright Internet

Bright Internet research was launched as a core project of the AIS Bright ICT Initiative, which aims to build an ICT-enabled Bright Society. To facilitate research on the Bright Internet, we



A survey of risks, threats and vulnerabilities in cloud computing

This paper highlights and categorizes many of security issues introduced by the "cloud"; surveys the risks, threats and vulnerabilities, and makes the necessary recommendations that can help promote the benefits and mitigate the risks associated with Cloud Computing.

Botnet Command and Control Mechanisms

This paper provides a classification of Botnets C & C channels and evaluates well-known protocols (e.g. IRC, HTTP, and P2P) which are being used in each of them.

What's New About Cloud Computing Security?

This work strives to frame the full space of cloud-computing security issues, attempting to separate justified concerns from possible over-reactions, and argues that two facets are to some degree new and fundamental to cloud computing: the complexities of multi-party trust considerations, and the ensuing need for mutual auditability.

Anatomy of Drive-by Download Attack

This paper presents a framework derived from an analysis of of drive-by download attacks that focus upon potential state changes seen when Internet browsers render HTML documents that can be used to identify potential features that have not yet been exploited and to reason about the challenges for using those features in detection drive- by download attack.

Empirical research of IP blacklists

It is revealed that a lot of spam originates from short-lived IP addresses which are often not blocked by IP blacklists, which raises the need of highly dynamic blacklists.

A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks

The primary intention for this work is to stimulate the research community into developing creative, effective, efficient, and comprehensive prevention, detection, and response mechanisms that address the DDoS flooding problem before, during and after an actual attack.

Behind Phishing: An Examination of Phisher Modi Operandi

The anatomy of phishing URLs and domains, registration ofphishing domains and time to activation, and the machines used to host the phishing sites are examined.

An empirical study of spam traffic and the use of DNS black lists

This paper presents quantitative data about SMTP traffic to MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) based on packet traces taken in December 2000 and February 2004.

The NIST Definition of Cloud Computing

This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

An evaluation of Naive Bayesian anti-spam filtering

It is reached that additional safety nets are needed for the Naive Bayesian anti-spam filter to be viable in practice.