Revisiting Cloud Security Attacks: Credential Attack

@inproceedings{Singh2020RevisitingCS,
  title={Revisiting Cloud Security Attacks: Credential Attack},
  author={Vaishali Singh and S. K. Pandey},
  year={2020}
}
Security has a ubiquitous influence on cloud services. With technology advancement, the superiority of attacks is continuously scaling in volume. In response, the security experts have increased the defensive perimeters, enhanced the malware protection and upgraded the countermeasures to detect malicious activity. However, weak identity and access management system and destabilized privilege system has created loopholes for cloud security, resulting in abnormal development using unsecured… 

References

SHOWING 1-10 OF 11 REFERENCES
Minimizing Internal Data Theft in Cloud Through Disinformation Attacks
TLDR
The empirical results revealed that the mechanism is capable of providing security against insider data theft attacks and was implemented by building a web based prototype that demonstrates the efficiency of the decoy technology.
Data Breaches, Phishing, or Malware?: Understanding the Risks of Stolen Credentials
TLDR
The first longitudinal measurement study of the underground ecosystem fueling credential theft and the risk it poses to millions of users is presented and a remarkable lack of external pressure on bad actors is observed, with phishing kit playbooks and keylogger capabilities remaining largely unchanged since the mid-2000s.
Security and Privacy of Sensitive Data in Cloud Computing: A Survey of Recent Developments
TLDR
The existing technologies and a wide array of both earlier and state-of-the-art projects on cloud security and privacy are reviewed, in addition to reviewing the existing developments in privacy-preserving sensitive data approaches in cloud computing such as privacy threat modeling and privacy enhancing protocols and solutions.
Cloud Computing: Security Issues and Challenges
TLDR
The weaknesses in Cloud architecture, internet protocols, operating system and application software, and in crypto system are surveyed and the challenges related to Cloud security and counter measures to resolve those issues are identified.
CloudFence: Data Flow Tracking as a Cloud Service
TLDR
CloudFence is proposed, a framework for cloud hosting environments that provides transparent, fine-grained data tracking capabilities to both service providers, as well as their users, and allows users to independently audit the treatment of their data by third-party services through the intervention of the infrastructure provider that hosts these services.
Revisiting Cloud Security Issues and Challenges
TLDR
The aim of this paper is to render a more elaborated and complete understanding of the issues and challenges related to Cloud security and provide major research directions for future to the researchers in concerned area/s.
Storageless Credentials And Secure Login
TLDR
A novel concept for login systems which does not store such credentials in the database is proposed, which is generated and verified algorithmically and ensured that the generated credentials are human friendly for uses.
Detecting and Mitigating Secret-Key Leaks in Source Code Repositories
TLDR
A handful of methods for detecting API keys embedded within source code, and a possible solution that combines these techniques to provide tool support for protecting against key leaks in version control systems are outlined.
...
...