Overview
Explore the risks and vulnerabilities associated with IP reuse on public cloud platforms in this 21-minute IEEE conference talk. Delve into the concept of cloud squatting, learn about measuring IP reuse through bottom-up approaches, and understand the types of latent configurations that can lead to security issues. Examine the characterization of cloud IP reuse, vulnerable cloud services, and exploitable third-party services. Discover the implications for domain names and learn about the disclosures made to cloud providers. Gain insights into potential defenses, mitigations, and actions taken by Amazon to address these concerns.
Syllabus
Intro
Public Clouds: Disruption at Scale
Vulnerabilities due to Resource Sharing
Issue: Resource Reuse
Cloud Internet Telescope
Cloud Squatting: Vulnerability at Scale
Measuring IP Reuse: Bottom-Up
Characterizing Cloud IP Reuse
Types of Latent Configuration
Measuring Cloud Services
Cloud Services are Vulnerable
Filtering Third-Party Services
Exploitable third-party services
Vulnerable Domain Names
Disclosures and Root Causes
Defenses and Mitigations
Amazon Actions
Taught by
IEEE Symposium on Security and Privacy