This thesis seeks to leverage the advances in cloud computing in order to address modernsecurity threats, allowing for completely novel architectures that provide dramaticimprovements and asymmetric gains beyond what is possible using current approaches.Indeed, many of the critical security problems facing the Internet and its users are inadequatelyaddressed by current security technologies. Current security measures often are deployedin an exclusively network-based or host-based model, limiting their efficacy againstmodern threats. However, recent advancements in the past decade in cloud computing andhigh-speed networking have ushered in a new era of software services. Software servicesthat were previously deployed on-premise in organizations and enterprises are now beingoutsourced to the cloud, leading to fundamentally new models in how software services aresold, consumed, and managed.This thesis focuses on how novel software security services can be deployed that leveragethe cloud to scale elegantly in their capabilities, performance, and management. First,we introduce a novel architecture for malware detection in the cloud. Next, we proposea cloud service to protect modern mobile devices, an ever-increasing target for maliciousattackers. Then, we discuss and demonstrate the ability for attackers to leverage the samebenefits of cloud-centric services for malicious purposes. Next, we present new techniquesfor the large-scale analysis and classification of malicious software. Lastly, to demonstratethe benefits of cloud-centric architectures outside the realm of malicious software,we present a threshold signature scheme that leverages the cloud for robustness and resiliency.
【 预 览 】
附件列表
Files
Size
Format
View
Leveraging the Cloud for Software Security Services.