Don't Wait to be Breached! Creating Asymmetric Uncertainty of Cloud Applications via Moving Target Defenses

Preprint English OPEN
Torkura, Kennedy A.; Meinel, Christoph; Kratzke, Nane;
(2019)
  • Subject: Computer Science - Distributed, Parallel, and Cluster Computing | Computer Science - Systems and Control | Computer Science - Networking and Internet Architecture | Computer Science - Cryptography and Security

Cloud applications expose - besides service endpoints - also potential or actual vulnerabilities. Therefore, cloud security engineering efforts focus on hardening the fortress walls but seldom assume that attacks may be successful. At least against zero-day exploits, th... View more
  • References (44)
    44 references, page 1 of 5

    N. Kratzke, “About an Immune System Understanding for Cloudnative Applications - Biology Inspired Thoughts to Immunize the Cloud Forensic Trail,” in Proc. of the 9th Int. Conf. on Cloud Computing, GRIDS, and Virtualization (CLOUD COMPUTING 2018, Barcelona, Spain), 2018.

    B. Duncan and M. Whittington, “Compliance with standards, assurance and audit: does this equal security?” in Proc. 7th Int. Conf. Secur.

    Inf. Networks - SIN '14. Glasgow: ACM, 2014, pp. 77-84. [Online].

    Available: http://dl.acm.org/citation.cfm?doid=2659651.2659711 N. Kratzke, “Smuggling Multi-Cloud Support into Cloud-native Applications using Elastic Container Platforms,” in Proc. of the 7th Int. Conf.

    on Cloud Computing and Services Science (CLOSER 2017), 2017.

    --, “About the complexity to transfer cloud applications at runtime and how container platforms can contribute?” in Cloud Computing and Service Sciences: 7th International Conference, CLOSER 2017, Revised Selected Papers, Communications in Computer and Information Science (CCIS). Springer International Publishing, 2018, to be published.

    N. Kratzke and P.-C. Quint, “Understanding Cloud-native Applications after 10 Years of Cloud Computing - A Systematic Mapping Study,” Journal of Systems and Software, vol. 126, no. April, 2017.

    N. Kratzke and R. Peinl, “ClouNS - a Cloud-Native Application Reference Model for Enterprise Architects,” in 2016 IEEE 20th Int.

    L. Bilge and T. Dumitras, “Before we knew it: an empirical study of zero-day attacks in the real world,” in ACM Conference on Computer and Communications Security, 2012.

    K. Krombholz, H. Hobel, M. Huber, and E. Weippl, “Advanced social engineering attacks,” Journal of Information Security and Applications, vol. 22, 2015.

  • Related Research Results (2)
  • Metrics
Share - Bookmark