Need a perfect paper? Place your first order and save 5% with this code:   SAVE5NOW

Securing the Cloud

Introduction

Information technology has advanced over the years, and organizations use it to improve their production and service delivery systems. Among the developments made in smart technologies is cloud computing. Cloud computing assists in reducing the cost of purchasing, installing, and maintenance of software and hardware. It improves efficiency in accessing resources because of its ability to provide information at any point so long as it has internet supply. It is therefore essential to secure the cloud platforms and ensure that the users of the facilities have trust in the providers. The providers would identify the threats related to cloud computing and identify ways of detecting, preventing, and investigating them.

The Data Wiping Process.

Data wiping is the process of securely erasing sensitive data from a system. Some attackers would also create malware to delete critical information like legal evidence from the data centres. The method of data wiping would also be important in securing confidential data from a hard drive or storage system that needed to use the data for some time and remove the data from its surface. The wiping techniques need to preserve the data from possible destruction capabilities and ensure that it cannot get exposed to data recovery software or applications. It is a process that protects data loss from stolen hardware, especially if the device would have traces of previously stored private data.

It is not secure to delete information through the operating system functions because it marks the previously occupied disk areas and retains the information on the hard drive until new files occupy the same locations marked to provide space for new data (Ölvecký & Gabriška, 2018). A malicious attacker would recover the data using the available essential software recovery tools. Most applications also store previously deleted data on the hard drive like the web browsers that store web pages, images, and videos as the browser’s cache. Although such storage enables users to locate the sites faster as the browsing history, it provides a realistic portrait of the user’s activity on the computer. The data wiping process aims at removing all the traces left by windows and other applications through the following procedure:

  • The user should find all the files and registry keys that have activity traces.
  • The secure deletion involves the use of operations that repeatedly overwrite the encryption key, making it completely unrecoverable.

The process makes normal users find it challenging to find the information, and if they manage to access the data, they will take a lot of time recovering it. Data wiping applications are initially configured to delete the files automatically and permanently. The apps would remain concealed to prevent detection by anti-spyware software that would prevent the action of the deletion software. Data wiping processes are essential in safeguarding confidential information from leaking from stolen, lost, or poorly disposed of devices.

Reducing the Risk of DDOS Attacks.

There are various defence mechanisms to protect cloud computing surfaces from DDOS attacks of diverse types. The internet protocol (IP) spoofing attack is a Distributed Denial-of-Service attack where packet transmissions occurring between the end-user and the cloud provider are intercepted and modified, and a legitimate IP address or unreachable IP address would forge the given IP packet (Bonguet & Bellaiche, 2017). It isn’t easy to modify and upgrade various kinds of network resources in a precise cloud system. Therefore, hop-count filtering can hold distinguish legitimate IPs from spoofed IPs in the Platform as a Service (PaaS) layer.

Synchronization flooding attacks would also happen when an attacker sends a large number of packets to the server without following the set transmission control protocol (TCP). This action prevents the server from processing legitimate requests. Synchronization caches and cookies would help the provider in protecting cloud-based systems against these flooding attacks. The cloud provider would also use detection mechanisms like firewall, active monitoring, and filtering in the software as a service (SaaS) layer.

Filtering configures the internal and external router interfaces to protect the cloud platforms against synchronization flooding attacks (Somani, Gaur, Sanghi, Conti & Buyya, 2017). Firewall techniques involve the splitting of the transmission control protocol (TCP) connection in the Infrastructure as a service (IaaS) layer. Active monitoring systems help in evaluating the behaviour of traffic of the TCP in the software as a service (SaaS) layer. The defensive systems have associated negative impacts, notably increased delays and possible reduction in performance. However, the cloud provider should research to provide safe and efficient cloud systems.

Other methods of safeguarding cloud computing systems include configuration of the virtual machines in the Platform as a service (PaaS) layer. Cloud providers would also configure network resources in the Infrastructure as a service layer to prevent the system against smurf attacks. They would also perform the array-bound checking technique in the SaaS layer to protect the system against buffer overflow. Other mechanisms embedded in the software as a service (SaaS) layer to protect the system against buffer overflows include the runtime instrumentation mechanism and the method of analyzing the static and dynamic code. There are extensive attacks on cloud computing frameworks that require prevention using currently available and studied tools to increase the efficiency of the advancement.

Hyper-Jacking Attacks.

Hyper-jacking attacks are threats that target virtual machines and exploit a system from outside to subvert or inject a rogue module in a given order. The rogue module provides the adversary with a channel to manage the virtual machines that run under the same host. The attackers gain the ability to monitor the network traffic of the system, destroy other experiments, and damage the isolation requirements (Win, & Thwin, 2019). Hyper-jacking attacks cause problems in ensuring confidentiality, integrity, and availability of data.

Hyper-jacking attacks can affect container-based and hypervisor-based virtualization system through the exposure of the system’s vulnerabilities. These attacks take advantage of loopholes of the universal operating system to damage the isolation mechanisms of a network testbed. Virtualization forms a significant theme in cloud computing, and they require protection from hyper-jacking attacks. Hyper-jacking attacks exploit the hardware, including the hypervisor, which is a virtual machine that facilitates the running of multiple operating systems concurrently.

Guest-Hopping Attacks.

Guest-hopping attacks operate between guest operating systems. It is a guest-to-guest attack that utilizes vulnerable virtualization systems. The attack involves the injecting of malware in the virtualization platform at a given guest as a way to seek to manage a particular virtual machine. The attacker would then control the virtual machine and spread the malware to other virtual machines or even compromise the operations of the virtualization layer itself. It will create destructive impacts if the attacker gains control of all the virtual machines existing on a specific host machine.

The attacker would use the opportunity to track the use of various resources such as the central processing unit (CPU) and the memory. The impact would affect the integrity and privacy of the guest machine as the attacker manipulates the existing data in the virtual machine. The adversaries would inject malicious code to modify specific configurations and prevent the availability of authentic data. Attacks on cloud computing platforms would diminish the trust of users in a given provision.

Conclusion

Many attack vectors can affect cloud computing systems. The service provider is required to develop preventive and detective mechanisms to counter occurring threats and reduce their negative impacts. Cloud-based providers maintain, update, and secure the cloud services they offer. It is their role to identify the various ways they would prevent the software, Infrastructure, and platforms from attacks like distributed denial-of-service (DDOS). The network of the cloud computing systems is the most targeted and malicious adversaries would exploit weak networks to initiate attacks into connections that have poor detection and prevention mechanisms (Singh, Jeong & Park, 2016). DDOS attacks occur using various techniques such as bandwidth depletion and resource depletion. They would cause flood attacks, amplification attacks, protocol exploit attacks, and malformed packet attacks. These capabilities would cause destructive impacts to cloud computing systems.

References

Bonguet, A., & Bellaiche, M. (2017). A survey of denial-of-service and distributed denial of service attacks and defences in cloud computing. Future Internet9(3), 43.

Ölvecký, M., & Gabriška, D. (2018, September). Wiping techniques and anti-forensics methods. In 2018 IEEE 16th International Symposium on Intelligent Systems and Informatics (SISY) (pp. 000127-000132). IEEE.

Singh, S., Jeong, Y. S., & Park, J. H. (2016). A survey on cloud computing security: Issues, threats, and solutions. Journal of Network and Computer Applications75, 200-222.

Somani, G., Gaur, M. S., Sanghi, D., Conti, M., & Buyya, R. (2017). DDoS attacks in cloud computing: Issues, taxonomy, and future directions. Computer Communications107, 30-48.

Win, S. S., & Thwin, M. M. S. (2019). Handling the Hypervisor Hijacking Attacks on Virtual Cloud Environment. In Advances in Biometrics (pp. 25-50). Springer, Cham.

 

Don't have time to write this essay on your own?
Use our essay writing service and save your time. We guarantee high quality, on-time delivery and 100% confidentiality. All our papers are written from scratch according to your instructions and are plagiarism free.
Place an order

Cite This Work

To export a reference to this article please select a referencing style below:

APA
MLA
Harvard
Vancouver
Chicago
ASA
IEEE
AMA
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Need a plagiarism free essay written by an educator?
Order it today

Popular Essay Topics