Skip to main content

Table 3 Threats in cloud computing

From: An analysis of security issues for cloud computing

ID Threats Description Layer
T01 Account or service hijacking An account theft can be performed by different ways such as social engineering and weak credentials. If an attacker gains access to a user’s credential, he can perform malicious activities such as access sensitive data, manipulate data, and redirect any transaction [16]. SPI
T02 Data scavenging Since data cannot be completely removed from unless the device is destroyed, attackers may be able to recover this data [10, 17, 25]. SPI
T03 Data leakage Data leakage happens when the data gets into the wrong hands while it is being transferred, stored, audited or processed [16, 17, 20, 58]. SPI
T04 Denial of Service It is possible that a malicious user will take all the possible resources. Thus, the system cannot satisfy any request from other legitimate users due to resources being unavailable. SPI
T05 Customer-data manipulation Users attack web applications by manipulating data sent from their application component to the server’s application [20, 32]. For example, SQL injection, command injection, insecure direct object references, and cross-site scripting. S
T06 VM escape It is designed to exploit the hypervisor in order to take control of the underlying infrastructure [24, 61]. I
T07 VM hopping It happens when a VM is able to gain access to another VM (i.e. by exploting some hypervisor vulnerability) [17, 43] I
T08 Malicious VM creation An attacker who creates a valid account can create a VM image containing malicious code such as a Trojan horse and store it in the provider repository [20]. I
T09 Insecure VM migration Live migration of virtual machines exposes the contents of the VM state files to the network. An attacker can do the following actions: I
a) Access data illegally during migration [42]
b) Transfer a VM to an untrusted host [44]
c) Create and migrate several VM causing disruptions or DoS
T10 Sniffing/Spoofing virtual networks A malicious VM can listen to the virtual network or even use ARP spoofing to redirect packets from/to other VMs [45, 51]. I