Cloud platform comparison for malware development
Authors
Date
2019Copyright
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
The cloud platforms such as AWS, Google Cloud or Azure are designed to cover most popular cases in terms of web development. They provide services that make it easy to create a new user based on his email address, provide tools for inter-service communication, tools to manage the access rights of different users. Malware and botnet development however is more of a corner case, where the client application running on the victim’s machine does not have an email address or a google account to authenticate itself and it does not run directly in the cloud, what can make it more difficult to manage the appropriate access rights. Also, the potential attacker may not want to write his own selfcontained service, since, especially when managing a large number of clients, it might be much cheaper to run the backend serverlessly. The big security companies always aim to lower the cost of development and maintenance of bots in order to provide their customers with their penetration expertise faster and cheaper. The paper collects he data through the compilation of scientific publications regarding the botnet architecture and communication, as well as technical documentations regarding each of the cloud platforms discussed in the paper. Additionally proofs of concept are implemented for each of the proposed architecture in order to verify the validity of the approach, as well as measure the performance of the proposed solution and uncover hidden costs related to running the application in the cloud.
The following paper explores possible malware backend architectures for different cloud platforms, aiming to optimise the performance, minimize the development time while keeping the code easy to maintain and to minimize the execution cost. After implementing proofs of concept for the standalone server-based CnC application as well as serverless running on GCP, AWS and Azure, it has been concluded that Azure is in fact the best platform for this sort of implementation due to simplicity of the architecture as well as ease of the implementation, while halving the execution costs compared to the standalone approach.
...
Keywords
Metadata
Show full item recordCollections
- Pro gradu -tutkielmat [28107]
Related items
Showing items with similar title or keywords.
-
SHAPES secure cloud platform for healthcare solutions and services
Rajamäki, Jyri; Hummelholm, Aarne (Academic Conferences International, 2020)The SHAPES project is an ambitious endeavour that gathers stakeholders from across Europe to create, deploy and pilot at large-scale a EU-standardised open platform incorporating and integrating a broad range of solutions, ... -
IoT -based adversarial attack's effect on cloud data platform services in a smart building context
Vähäkainu, Petri; Lehto, Martti; Kariluoto, Antti (Academic Conferences International, 2020)IoT sensors and sensor networks are widely employed in businesses. The common problem is a remarkable number of IoT device transactions are unencrypted. Lack of correctly implemented and robust defense leaves the organization's ... -
Dynamic aspects of industrial middleware architectures
Nikitin, Sergiy (University of Jyväskylä, 2011) -
Cross platform mobile application development : a comparison study of React Native Vs Flutter
Fentaw, Awel Eshetu (2020)With a dramatic increase in the usage of handheld devices such as smartphones and tablets, it became a matter of existence for businesses if they do not deliver their services to address mobile users. One critical problem ... -
Detection techniques of common malware features : a systematic review
Veini, Tuuli (2023)Tarkkojen ja vakaiden haittaohjelmatunnistimien luominen on välttämätöntä haittaohjelmien kehittyessä jatkuvasti. Tässä pro gradu -tutkielmassa suoritettiin systemaattinen kirjallisuuskatsaus tyypillisten haittaohjelmapiirteiden ...