3 Threat analysis in cloud computing
Cloud provides an ideal environment for botnets. First, cloud has rich
and elastic computing resources, such as storage, bandwidth and
processors, which are easy to access. Attackers can compromise a
cloud-based server as their C&C server or lease high performance
virtual machines with stolen credit card information. Second, hackers
can easily deploy C&C servers and stepping-stones in cloud, dynamically
change them to new domains, and delete their virtual images to remove
evidence of their activities. Third party VPNs, proxies and SSH
tunneling are commonly used stepping-stones, across which bot masters
access C&C server and hide their identities. Finally, clouds are
convenient for bot masters to select multiple cloud service providers in
multiple domains and countries, and that makes the trace back very
difficult.