Faculty Advisor

Sarkozy, Gabor N

Faculty Advisor

Selkow, Stanley M.

Center

BUDAPEST / Budapest, Hungary

Abstract

In this study, we reassess vulnerability assessment in the Cloud and develop the open-source 'cvaFrame' framework. This framework reports to the cloud administrator, vulnerabilities and exploits discovered in virtual images. Our contribution to the cloud vulnerability assessment research community is our framework. We build our framework on top of existing tools like Metasploit and OpenVAS and implement it in an existing cloud service 'OpenNebula', to prove that our system works. We tested our software in a production cloud and it was able to find vulnerabilities and exploits hiding in dormant virtual machine images. At this date, we believe we are the first to develop an open-source framework that performs vulnerability assessment within the cloud on dormant images.

Publisher

Worcester Polytechnic Institute

Date Accepted

April 2012

Major

Computer Science

Project Type

Major Qualifying Project

Accessibility

Unrestricted

Advisor Department

Computer Science

Share

COinS