Use this URL to cite or link to this record in EThOS:
Title: Detecting cloud virtual network isolation security for data leakage
Author: Al Nasseri, Haifa Mohamed
ISNI:       0000 0004 7960 8122
Awarding Body: University of St Andrews
Current Institution: University of St Andrews
Date of Award: 2019
Availability of Full Text:
Access from EThOS:
Access from Institution:
This thesis considers information leakage in cloud virtually isolated networks. Virtual Network (VN) Isolation is a core element of cloud security yet research literature shows that no experimental work, to date, has been conducted to test, discover and evaluate VN isolation data leakage. Consequently, this research focussed on that gap. Deep Dives of the cloud infrastructures were performed, followed by (Kali) penetration tests to detect any leakage. This data was compared to information gathered in the Deep Dive, to determine the level of cloud network infrastructure being exposed. As a major contribution to research, this is the first empirical work to use a Deep Dive approach and a penetration testing methodology applied to both CloudStack and OpenStack to demonstrate cloud network isolation vulnerabilities. The outcomes indicated that Cloud manufacturers need to test their isolation mechanisms more fully and enhance them with available solutions. However, this field needs more industrial data to confirm if the found issues are applicable to non-open source cloud technologies. If the problems revealed are widespread then this is a major issue for cloud security. Due to the time constraints, only two cloud testbeds were built and analysed, but many potential future works are listed for analysing more complicated VN, analysing leveraged VN plugins and testing if system complexity will cause more leakage or protect the VN. This research is one of the first empirical building blocks in the field and gives future researchers the basis for building their research on top of the presented methodology and results and for proposing more effective solutions.
Supervisor: Duncan, Ishbel Mary Macdonald Sponsor: Ministry of Manpower, Oman
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
Keywords: Cloud computing ; Virtual network ; Security ; Virtual network isolation ; DeepDive ; Penetration testing ; Cloud virtual network ; QA76.585A6 ; Computer networks--Security measures ; Virtual computer systems