A Large-scale Analysis of Cloud Service Abuse

Naoki Fukushi, Daiki Chiba, Mitsuaki Akiyama, Masato Uchida

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Cyber-attackers abuse cloud services as an infrastructure for their attacks. In a cloud service, the assigned Internet Protocol (IP) address for a server is owned by the cloud service provider. When the server is shut down, the assigned IP address is released and then assigned to another server in the same cloud service. Thus, cyber-attackers abusing cloud services pose a risk to legitimate service providers, developers, and end users of potentially being falsely blacklisted, which results in a poorer reputation for the service. In this study, we conducted a large-scale measurement of cloud service abuse using blacklisted IP addresses. Our analysis of four cloud services over 154 days using 39 blacklists revealed that a total of 61, 060 IP addresses from these cloud service providers were blacklisted, approximately 14, 000 IP addresses continue to be blacklisted, and approximately 5% are replaced daily. Moreover, our study revealed trends in attacks that abuse cloud services with respect to attack type, region, duration, and anti-abuse actions. Finally, we discussed recommendations for cloud service users, cloud service providers, and blacklist providers.

Original languageEnglish
Title of host publication2020 IEEE Conference on Communications and Network Security, CNS 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781728147604
DOIs
Publication statusPublished - 2020 Jun
Event2020 IEEE Conference on Communications and Network Security, CNS 2020 - Virtual, Online, France
Duration: 2020 Jun 292020 Jul 1

Publication series

Name2020 IEEE Conference on Communications and Network Security, CNS 2020

Conference

Conference2020 IEEE Conference on Communications and Network Security, CNS 2020
CountryFrance
CityVirtual, Online
Period20/6/2920/7/1

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Control and Optimization

Fingerprint Dive into the research topics of 'A Large-scale Analysis of Cloud Service Abuse'. Together they form a unique fingerprint.

Cite this