Threat Modeling for Cloud Data Center Infrastructures

  • Nawaf AlhebaishiEmail author
  • Lingyu Wang
  • Sushil Jajodia
  • Anoop Singhal
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10128)


Cloud computing has undergone rapid expansion throughout the last decade. Many companies and organizations have made the transition from traditional data centers to the cloud due to its flexibility and lower cost. However, traditional data centers are still being relied upon by those who are less certain about the security of cloud. This problem is highlighted by the fact that there only exist limited efforts on threat modeling for cloud data centers. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts provide cloud providers practical lessons and means toward better evaluating, understanding, and improving their cloud infrastructures. Our results may also imbed more confidence in potential cloud tenants by providing them a clearer picture about potential threats in cloud infrastructures and corresponding solutions.


Cloud Provider Cloud Infrastructure Authentication Server Domain Name System Attack Tree 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The authors thank the anonymous reviewers for their valuable comments. This work was partially supported by the National Institutes of Standard and Technology under grant number 60NANB16D287, by the National Science Foundation under grant number IIP-1266147, and by Natural Sciences and Engineering Research Council of Canada under Discovery Grant N01035.


  1. 1.
    National vulnerability database. Accessed 20 Feb 2015
  2. 2.
    National Institute of Standards and Technology: Cloud Computing Service Metrics Description (2015). Accessed 17 June 2015
  3. 3.
    Adler, B.: Google Compute Engine Performance Test with RightScale and Apica (2013). Accessed 26 March 2016
  4. 4.
    Bakshi, K.: Cisco cloud computing-data center strategy, architecture, and solutions (2009).
  5. 5.
    Barr, J.: Building three-tier architectures with security groups (2010). Accessed 28 March 2016
  6. 6.
    Dahbur, K., Mohammad, B., Tarakji, A.B.: A survey of risks, threats and vulnerabilities in cloud computing. In: Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications, ISWSA 2011, New York, NY, USA, pp. 12: 1–12: 6. ACM (2011)Google Scholar
  7. 7.
    Dewri, R., Ray, I., Poolsappasit, N., Whitley, D.: Optimal security hardening on attack tree models of networks: a cost-benefit analysis. Int. J. Inf. Secur. 11(3), 167–188 (2012)CrossRefGoogle Scholar
  8. 8.
    Edge, K.S., Dalton, G.C., Raines, R.A., Mills, R.F.: Using attack and protection trees to analyze threats and defenses to homeland security. In: MILCOM 2006–2006 IEEE Military Communications conference, pp. 1–7, October 2006Google Scholar
  9. 9.
    Frigault, M., Wang, L.: Measuring network security using Bayesian network-based attack graphs. In: 32nd Annual IEEE International Computer Software and Applications, COMPSAC 2008, pp. 698–703, July 2008Google Scholar
  10. 10.
    Grobauer, B., Walloschek, T., Stöcker, E.: Understanding cloud computing vulnerabilities. IEEE Secur. Priv. 9(2), 50–57 (2011)CrossRefGoogle Scholar
  11. 11.
    Gruschka, N., Jensen, M.: Attack surfaces: a taxonomy for attacks on cloud services. In: 2010 IEEE 3rd International Conference on Cloud Computing, pp. 276–279, July 2010Google Scholar
  12. 12.
    Hany, M.: VMware VSphere in the Enterprise. Accessed 05 Feb 2015
  13. 13.
    Ingalsbe, J.A., Shoemaker, D., Mead, N.R.: Threat modeling the cloud computing, mobile device toting, consumerized enterprise-an overview of considerations. In: AMCIS (2011)Google Scholar
  14. 14.
    Luna, J., Ghani, H., Germanus, D., Suri, N.: A security metrics framework for the cloud. In: 2011 Proceedings of the International Conference on Security and Cryptography (SECRYPT), pp. 245–250, July 2011Google Scholar
  15. 15.
    Manadhata, P., Wing, J.: An attack surface metric. IEEE Trans. Softw. Eng. 37(3), 371–386 (2011)CrossRefGoogle Scholar
  16. 16.
    Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. IEEE Secur. Priv. 4(6), 85–89 (2006)CrossRefGoogle Scholar
  17. 17.
    Openstack. Openstack Operations Guide. Accessed 27 Aug 2015
  18. 18.
    Ray, I., Poolsapassit, N.: Using attack trees to identify malicious attacks from authorized insiders. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 231–246. Springer, Heidelberg (2005). doi: 10.1007/11555827_14 CrossRefGoogle Scholar
  19. 19.
    Saripalli, P., Walters, B.: Quirc: a quantitative impact and risk assessment framework for cloud security. In: 2010 IEEE 3rd International Conference on Cloud Computing, pp. 280–288, July 2010Google Scholar
  20. 20.
    Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)Google Scholar
  21. 21.
    Shaikh, F.B., Haider, S.: Security threats in cloud computing. In: 2011 International Conference for Internet Technology and Secured Transactions (ICITST), pp. 214–219, December 2011Google Scholar
  22. 22.
    Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 273–284 (2002)Google Scholar
  23. 23.
    Squillace, R.: Azure infrastructure services implementation guidelines (2015). Accessed 28 March 2016
  24. 24.
    Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DBSec 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70567-3_22 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Nawaf Alhebaishi
    • 1
    • 2
    Email author
  • Lingyu Wang
    • 1
  • Sushil Jajodia
    • 3
  • Anoop Singhal
    • 4
  1. 1.Concordia Institute for Information Systems EngineeringConcordia UniversityMontrealCanada
  2. 2.Faculty of Computing and Information TechnologyKing Abdulaziz UniversityJeddahSaudi Arabia
  3. 3.Center for Secure Information SystemsGeorge Mason UniversityFairfaxUSA
  4. 4.Computer Security DivisionNational Institute of Standards and TechnologyGaithersburgUSA

Personalised recommendations