The Impact of Emerging Cloud Security Threats: A Focus on Advanced Persistent Threats


Authors : Austin Orumwense; Mansoor Ihsan

Volume/Issue : Volume 9 - 2024, Issue 12 - December

Google Scholar : https://tinyurl.com/4bfx4k6m

Scribd : https://tinyurl.com/5fz8fztb

DOI : https://doi.org/10.5281/zenodo.14598602

Abstract : Cloud computing technology is advancing rapidly, while threat actors refine their tactics, exploit new vulnerabilities, and expand their influence. This dynamic environment exposes cloud infrastructure to emerging cyber-attacks, including Advanced Persistent Threats (APTs), impacting both customers and service providers. Understanding the gap in APT detection literature is crucial for researchers. The research aims to comprehensively understand APTs' influence on cloud security, analyse existing approaches, emulate adversary plans, simulate attacks using Mitre Caldera, employ Snort for detection, and utilise the Nessus vulnerability scanning tool. The study addresses critical questions about APTs' exploitation of cloud environments, strengths and weaknesses of mitigation methods, impacts of successful APT attacks, vulnerabilities in cloud infrastructures, and techniques for detecting APTs. The findings underscore the intricate interplay between APT activities and cloud environments, emphasising the need for robust detection and mitigation strategies. The combination of APT simulation, vulnerability assessment, and detection mechanism analysis yields invaluable insights into the evolving threat landscape within cloud ecosystems. As organisations increasingly embrace cloud technologies, the lessons from this study contribute substantially to the ongoing discourse on fortifying cloud security against persistent and evolving cyber threats.

Keywords : Advanced Persistent Threats (APT), Cloud Security, Emulation, Mitre Caldera, Vulnerability Scanning, Adversary Emulation.

