Faculty Advisor

Sarkozy, Gabor N

Faculty Advisor

Selkow, Stanley M.

Project Center

Budapest, Hungary


In this study, we reassess vulnerability assessment in the Cloud and develop the open-source 'cvaFrame' framework. This framework reports to the cloud administrator, vulnerabilities and exploits discovered in virtual images. Our contribution to the cloud vulnerability assessment research community is our framework. We build our framework on top of existing tools like Metasploit and OpenVAS and implement it in an existing cloud service 'OpenNebula', to prove that our system works. We tested our software in a production cloud and it was able to find vulnerabilities and exploits hiding in dormant virtual machine images. At this date, we believe we are the first to develop an open-source framework that performs vulnerability assessment within the cloud on dormant images.


Worcester Polytechnic Institute

Date Accepted

April 2012


Computer Science

Project Type

Major Qualifying Project



Advisor Department

Computer Science