A Novel Architecture for Self-Propagating Malicious Software within Cloud Infrastructures

Security within Cloud environments is a key issue for those both considering adopting the Cloud paradigm and those who already have. One reason for this is due to a lack of knowledge concerning security within the Cloud, mostly due to its novelty. This paper examines the feasibility of malware which may propagate around Cloud based infrastructures. The majority of Cloud infrastructure is built upon virtualization technology and as such the focus of this research is concerned with the security of such software so as to assess its appropriateness as an environment for self-propagating software. This is accomplished via an overview of malicious software and by reviewing vulnerabilities and attack vectors within the virtualization software. As a proof of concept a practical implementation of a worm is developed within a virtual network environment to emulate a Cloud. This concept is then adapted for Cloud based infrastructures where a solution design is proposed. The significance of the work is a novel architecture for self-propagating software within Cloud environments.