Authors :
Austin Orumwense; Mansoor Ihsan
Volume/Issue :
Volume 9 - 2024, Issue 12 - December
Google Scholar :
https://tinyurl.com/4bfx4k6m
Scribd :
https://tinyurl.com/5fz8fztb
DOI :
https://doi.org/10.5281/zenodo.14598602
Abstract :
Cloud computing technology continues to advance rapidly, and threat actors are evolving with it: refining their tactics, exploiting new vulnerabilities, and expanding their reach. This dynamic environment exposes cloud infrastructure to emerging cyber-attacks, including Advanced Persistent Threats (APTs), which affect both customers and service providers. Identifying the gaps in the APT detection literature is crucial for researchers. This research aims to build a comprehensive understanding of how APTs affect cloud security, to analyse existing approaches, to emulate adversary plans and simulate attacks with MITRE Caldera, to employ Snort for detection, and to assess exposure with the Nessus vulnerability scanner.

The study addresses critical questions about how APTs exploit cloud environments, the strengths and weaknesses of mitigation methods, the impact of successful APT attacks, the vulnerabilities present in cloud infrastructures, and the techniques available for detecting APTs. The findings underscore the intricate interplay between APT activity and cloud environments and emphasise the need for robust detection and mitigation strategies. Combining APT simulation, vulnerability assessment, and analysis of detection mechanisms yields valuable insight into the evolving threat landscape within cloud ecosystems. As organisations increasingly adopt cloud technologies, the lessons from this study contribute to the ongoing discourse on fortifying cloud security against persistent and evolving cyber threats.
Keywords :
Advanced Persistent Threats (APT), Cloud Security, Emulation, MITRE Caldera, Vulnerability Scanning, Adversary Emulation.