@InProceedings{Manzoor:2022:Poster:MultiLayer,
    author = "Manzoor, Salman and Gouglidis, Antonios and Bradbury, Matthew and Suri, Neeraj",
    booktitle = "Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security",
    title = "{Poster: Multi-Layer Threat Analysis of the Cloud}",
    year = "2022",
    address = "Los Angeles, CA, USA",
    month = "7--11 November",
    pages = "3419--3421",
    publisher = "ACM",
    series = "CCS'22",
    abstract = "A variety of Threat Analysis (TA) techniques exist that typically target exploring threats to discrete assets (e.g., services, data, etc.) and reveal potential attacks pertinent to these assets. Furthermore, these techniques assume that the interconnection among the assets is static. However, in the Cloud, resources can instantiate or migrate across physical hosts at run-time, thus making the Cloud a dynamic environment. Additionally, the number of attacks targeting multiple assets/layers emphasizes the need for threat analysis approaches developed for Cloud environments. Therefore, this proposal presents a threat analysis approach that addresses multi-layer attacks. The proposed approach facilitates threat analysis by developing a technology-agnostic information flow model. It contributes to exploring a threat’s propagation across the operational stack of the Cloud and, consequently, assessing the security of the Cloud holistically.",
    doi = "10.1145/3548606.3563515",
    file = ":CCS2022-Cloud.pdf:PDF",
    isbn = "9781450394505",
    numpages = "3"
}