Investigating Characteristics of Attacks on Public Cloud Systems

被引:6
作者
Bove, Davide [1 ]
Mueller, Tilo [1 ]
机构
[1] Friedrich Alexander Univ Erlangen Nuremberg, IT Secur Infrastruct, Erlangen, Germany
来源
2019 6TH IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (IEEE CSCLOUD 2019) / 2019 5TH IEEE INTERNATIONAL CONFERENCE ON EDGE COMPUTING AND SCALABLE CLOUD (IEEE EDGECOM 2019) | 2019年
关键词
cloud computing; security; public cloud; attack; intrusion detection; honeypot;
D O I
10.1109/CSCloud/EdgeCom.2019.00-13
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this work, honeypots were set up on several public cloud infrastructures of Amazon, Microsoft and Google located in different regions around the world, including North America, Asia and Europe. The honeypots, simulating different popular services like SSH and VNC, were used to collect data over a period of two month, resulting in over 170 million log entries. Further analysis of the log entries regarding attack patterns and geographic characteristics are presented in this paper. For example, the attacks originated from 216 countries involving 268,614 unique IPs, dominated by China with a share of 25.83%.
引用
收藏
页码:89 / 94
页数:6
相关论文
共 29 条
[1]   Cyber Threat Intelligence from Honeypot Data using Elasticsearch [J].
AL-Mohannadi, Hamad ;
Awan, Irfan ;
Al Hamar, Jassim ;
Cullen, Andrea ;
Disso, Jules Pagan ;
Armitage, Lorna .
PROCEEDINGS 2018 IEEE 32ND INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS (AINA), 2018, :900-906
[2]  
[Anonymous], P 2016 NEW YORK NY U, DOI DOI 10.1145/2978178.2978184
[3]  
Baecher P, 2006, LECT NOTES COMPUT SC, V4219, P165
[4]  
Brandon Edmunds, MAILONEY
[5]  
Brown S., 2012, Honeypots in the Cloud
[6]  
Challoo Rajab, 2011, INT J COMPUTER SCI S, V5, P496
[7]  
Chinn Richard E., 2015, THESIS
[8]  
Deutsche Telekom AG, T POT
[9]  
Elasticsearch, LOGST
[10]  
Eligibility, MEDICAID.GOV
123