Cloud Computing vs. Cyber Security
Agenda
Cloud Computing Definition
Cloud Properties and Benefits
Cloud Computing for Cyber Defense
Cloud Computing for Cyber Offense
Case Study: Cloud Based Cyber Attack
Cloud Computing
Cloud Computing Definition
“Cloud computing is a model for enabling convenient, on-demand network
access to a shared pool of configurable computing resources (e.g., networks,
servers, storage, applications, and services) that can be rapidly provisioned and
released with minimal management effort or service provider interaction.”
NIST
Cloud computing refers to the on-demand provision of computational
resources (data, software) via a computer network, rather than from a local
computer.
Wikipedia
Cloud Characteristics
• On-demand self-service
• Dynamic Resource Allocation
• Device / Location Independence
• Distributed architecture
• Scalable and Elastic
• High Computing Power
• High Bandwidth
• High Storage Capacity
Cloud Computing Benefits
Cloud Models
Cloud for Cyber Defense
Cloud Usage for Cyber Defense
• DDoS Protection
• Web Application Attack Prevention
• Backup and Disaster Recovery
• Vulnerability Scan
• Penetration Testing & Security Audit
• Log Management / SIEM
• Forensics as a Service
DDoS Protection
Cloud Based DDoS Protection Services
• CloudFlare, Incapsula
Web Application Attack Prevention
Vulnerability Scanning
Vulnerability Scanning
Penetration Testing & Security Audit
Forensics as a Service
Cloud for Cyber Offense
Cloud for Cyber Offense
Hacking as a Service
• Cloud properties for criminals
– Scalability,
– Quick Deployment
– Dynamic resource usage
– High computing power
– High bandwidth
• Cyber criminals adapted their tools and techniques for cloud computing
• Unfortunately they are better at using cloud platforms
Cloud for Cyber Offense
Cloud Usage in Cyber Offense
• DDoS as a Service
• Botnet as a Service
• Malware as a Service
• Password Cracking
• BotClouds
• C&C Servers
• Warez as a Service
DDoS as a Service
Source: McAfee
Botnet as a Service
Source: McAfee
Malware as a Service
Source: Solutionary
Password Cracking as a Service
Password Cracking Experiment
• Length: 1-6 characters
• Algorithm: SHA1
• Method: Brute Force
• Hardware:
– Amazon cg1.4xlarge
– 22 GB memory
– 2 x Intel Xeon X5570, quad-core
– 2 x NVIDIA Tesla M2050 GPUs
– 1690 GB of instance storage
• Crack time: 49 min
• Price: 2100 $
Password Cracking as a Service
Command & Control Servers
Case Study: Cloud Based Cyber Attack
• How easy is it to build cyberattack infrastructure in the cloud?
• Can we build it at no cost?
• Can we build it anonymously?
Case Study: Cloud Based Cyber Attack
Attack Scenario
Get anonymous e-mail account
Register to cloud provider
Get free trial of cloud Linux image
Install attack software on VM
Register free DNS domain
Start attack
Large scale attack
Attack Step 1: Get Anonymous E-mail
• Known e-mail providers:
– Gmail,
– Yahoo,
– Yandex,
– Mail.ru
• One-time mail providers
– Mailinator
Attack Step 2: Register to Cloud Provider
• Lots of cloud providers give free trial accounts
– 1 week – 1 year trial
– Amazon
– Rackspace
– Siemens CloudServices
– …
Attack Step 3: Get a Trial of Linux VM Image
Attack Step 4: Install Attack Software on VM
Attack Step 5: Register Free DNS Domain
Attack Step 6: Launch an Attack
Possible Attacks
• Denial of Service
• Port Scanning
• Vulnerability Scan
• Exploitation
• Phishing Site
• Malware Server
• Password Cracking
Attack Step 7: Large Scale Attacks
Creating 20 Cloud Bots
• Script for creating 20 cloud bot servers
Attack Step 7: Large Scale Attacks
Creating 1000 Cloud Bots
• Script for creating 1000 cloud bot servers