During the last years, cloud computing has emerged and imposed itself as a cost-effective solution for providing high quality Information Technology services. However, beyond a legitimate usage, the benefits of cloud computing are being exploited by attackers in nefarious ways and botnets are among the greatest beneficiaries of this malicious use. This botnet trend is a major issue because it strongly increases the power of massive distributed attacks when leveraging the capabilities of cloud service providers that do not have appropriate detection approaches in place to detect botnets exploiting cloud resources (also referred to as botclouds). We developed a free experimental intra–Cloud Service Provider (CSP) botnet that exploits CSPs' trial versions. We used this intra-CSP botnet to execute numerous TCP SYN flood and UDP flood attacks during one week. Our empirical results demonstrate that, contrary to what CSPs claim, all the CSPs (with the exception of one) we have tested still cannot detect or issued no warnings when malicious activities were launched from their cloud computing platforms. Besides, CSP's trial versions can easily be exploited to perpetrate large scale cyberattacks. We argue that efficient, cost-effective, scalable detection approaches that can detect botclouds need to be developed in the future to address this challenge.
|Journal||Transactions on Emerging Telecommunications Technologies|
|State||Published - Mar 2019|
Bibliographical notePublisher Copyright:
© 2018 John Wiley & Sons, Ltd.
ASJC Scopus subject areas
- Electrical and Electronic Engineering