CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
ALCOL: Probabilistic Threat Modelling of the Amazon Elastic Container Service Domain
KTH, School of Electrical Engineering and Computer Science (EECS).
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesisAlternative title
ALCOL : Probabilistisk hotmodellering av Amazon Elastic Container Service miljön (Swedish)
Abstract [en]

Cloud computing is becoming an increasingly popular computation model for IT-infrastructures which has changed the notion of computing resources. Another concept that has become popular is containers which provides the capability to run applications isolated from each other while sharing the host’s operating system kernel. These two concepts have been combined to run containerised environments in the cloud, a cloud service type which has become popular among customers. The increased deployment of IT-infrastructures built on cloud environments running containers results in an increased exposure to cyber attacks within this domain which requires that proper security measures are taken.

Assessing the security of a system can, however, be difficult. Attack simulations can be used to provide an overview of how an adversary can attack the system to simplify this task. This thesis proposes a probabilistic threat modelling language which can be used to simulate attacks against infrastructures based on Amazon Elastic Container Service (ECS), a cloud service provided by Amazon Web Services which allow customers to run containerised applications in the cloud. The language, called ALCOL (Amazon eLastic COntainer Language), is based on the Meta Attack Language and the domain-specific language AWSLang.

The language was developed using multiple literature studies to discover the different components in Amazon ECS that should be modelled in the language, as well as the different attacks possible to perform against Amazon ECS infrastructures. The language was evaluated using test cases representing different attack scenarios and also through an interview with a domain expert.

The developed language is able to accurately simulate cyber attacks against Amazon ECS infrastructures, although with some limitations, which lead to propositions for future research.

Abstract [sv]

Molntjänster blir en alltmer populär beräkningsmodell för IT-infrastrukturer vilket har ändrat uppfattningen kring innebörden av beräkningsresurser. Ett annat koncept som blivit populärt är containers vilket möjliggör exekvering av applikationer som är isolerade från varandra trots att de båda använder värddatorns operativsystemkärna. Dessa två koncept har blivit kombinerade till att exekvera containermiljöer i molnet, en molntjänst som blivit populär bland kunder. Den ökade driftsättningen av IT-infrastrukturer baserade på molnmiljöer som exekverar containers resulterar i en ökad exponering mot cyberattacker inom denna domän vilket kräver lämpliga säkerhetsåtgärder.

Att bedöma säkerheten i ett system kan däremot vara svårt. Attacksimuleringar kan användas för att förenkla denna process genom att ge en överblick av hur en attackerare kan attackera systemet. Detta examensarbete presenterar ett probabilistiskt hotmodelleringsspråk som kan användas för att simulera attacker mot infrastrukturer baserade på Amazon Elastic Container Service (ECS), en molntjänst som tillhandahålls av Amazon Web Services som möjliggör för användare att exekvera applikationer i containers i molnet. Språket, som kallas ALCOL (Amazon eLastic COntainer Language), är baserat på Meta Attack Language och det domänspecifika språket AWSLang.

Språket utvecklades genom att flera litteraturstudier gjordes för att undersöka vilka komponenter i Amazon ECS som skulle modelleras i språket samt för att hitta alla attacker som kan utföras mot infrastrukturer baserade på Amazon ECS. Språket evaluerades genom testfall som representerade olika attackscenarion samt genom en intervju med en domänexpert.

Det utvecklade språket kan på ett korrekt sätt simulera cyberattacker mot infrastrukturer baserade på Amazon ECS, dock med vissa begränsningar, vilket resulterade i förslag på framtida forskning.

Place, publisher, year, edition, pages
2019. , p. 82
Series
TRITA-EECS-EX ; 2019:500
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-261421OAI: oai:DiVA.org:kth-261421DiVA, id: diva2:1358409
External cooperation
Foreseeti AB
Supervisors
Examiners
Available from: 2019-10-08 Created: 2019-10-07 Last updated: 2019-10-08Bibliographically approved

Open Access in DiVA

fulltext(1494 kB)2 downloads
File information
File name FULLTEXT01.pdfFile size 1494 kBChecksum SHA-512
5cfa73d93ba1fea60bc8ed4f0aa16b3e7cc6b2d41da087eb28fcc2f84cb5eb8592146487ea7a220e7ebb7793f7d94c70ad18947671a66130438ebe376465c95e
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering and Computer Science (EECS)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 2 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 15 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf