Poster: Multi-Layer Threat Analysis of the Cloud

Manzoor, Salman and Gouglidis, Antonios and Bradbury, Matthew and Suri, Neeraj (2022) Poster: Multi-Layer Threat Analysis of the Cloud. In: ACM Conference on Computer and Communications Security, 2022-11-07 - 2022-11-11.

[thumbnail of ACM_CCS__ThreatPro_Poster_]
Text (ACM_CCS__ThreatPro_Poster_)
ACM_CCS_ThreatPro_Poster_.pdf - Accepted Version
Available under License Creative Commons Attribution-NonCommercial.

Download (659kB)


A variety of Threat Analysis (TA) techniques exist that typically target exploring threats to discrete assets (e.g., services, data, etc.) and reveal potential attacks pertinent to these assets. Furthermore, these techniques assume that the interconnection among the assets is static. However, in the Cloud, resources can instantiate or migrate across physical hosts at run-time, thus making the Cloud a dynamic environment. Additionally, the number of attacks targeting multiple assets/layers emphasizes the need for threat analysis approaches developed for Cloud environments. Therefore, this proposal presents a novel threat analysis approach that specifically addresses multi-layer attacks. The proposed approach facilitates threat analysis by developing a technology-agnostic information flow model. It contributes to exploring a threat's propagation across the operational stack of the Cloud and, consequently, holistically assessing the security of the Cloud.

Item Type:
Contribution to Conference (Poster)
Journal or Publication Title:
ACM Conference on Computer and Communications Security
Additional Information:
© ACM, 2022. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security,
Uncontrolled Keywords:
Data Sharing Template/yes
?? yes ??
ID Code:
Deposited By:
Deposited On:
13 Jan 2023 15:50
Last Modified:
16 Jul 2024 08:04