Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures

Sören Bleikertz, Carsten Vogel, Thomas Groß

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

    28 Citations (Scopus)

    Abstract

    Cloud infrastructures are designed to share physical resources among many different tenants while ensuring overall security and tenant isolation. The complexity of dynamically changing and growing cloud environments, as well as insider attacks, can lead to misconfigurations that ultimately result in security failures. The detection of these misconfigurations and subsequent failures is a crucial challenge for cloud providers—an insurmountable challenge without tools. We establish an automated security analysis of dynamic virtualized infrastructures that detects misconfigurations and security failures in near real-time. The key is a systematic, differential approach that detects changes in the infrastructure and uses those changes to update its analysis, rather than performing one from scratch. Our system, called Cloud Radar, monitors virtualized infrastructures for changes, updates a graph model representation of the infrastructure, and also maintains a dynamic information flow graph to determine isolation properties. Whereas existing research in this area performs analyses on static snapshots of such infrastructures, our change-based approach yields significant performance improvements as demonstrated with our prototype for VMware environments.
    Original language: English
    Title of host publication: ACSAC '14
    Subtitle of host publication: Proceedings of the 30th Annual Computer Security Applications Conference
    Place of Publication: New York
    Publisher: Association for Computing Machinery (ACM)
    Pages: 26-35
    Number of pages: 10
    ISBN (Print): 9781450330053
    Publication status: Published - Dec 2014
    Event: 30th Annual Computer Security Applications Conference, ACSAC 2014 - Hyatt French Quarter, New Orleans, United States
    Duration: 8 Dec 2014 to 12 Dec 2014
    Conference number: 30
    https://www.acsac.org/2014/

    Conference

    Conference: 30th Annual Computer Security Applications Conference, ACSAC 2014
    Abbreviated title: ACSAC 2014
    Country: United States
    City: New Orleans
    Period: 8/12/14 to 12/12/14

    Keywords

    • EC Grant Agreement nr.: FP7/318003
    • EC Grant Agreement nr.: FP7/2007-2013
