A new focus on cloud infrastructure
Businesses and organisations do increasingly outsource their ICT services to cloud environments, mostly driven by considerations about costs, processes and security. In her PhD work Sousan Tarahomi is addressing a fundamental question: ‘Does the cloud really make us more secure,’ she wonders, ‘or is it merely changing the type of threads we are exposed to?’.
Although the motivation behind outsourcing varies, including easing processes and cost savings, improving security is one of the leading reasons for migrating to the cloud. Additionally, there is a growing trend towards building ”cloud on cloud” systems. Here, one cloud service (e.g. a cloud system for managing company finances) is built upon another cloud service (e.g. a provider of virtual machines).
Dominant players
Sousan Tarahomi studies the deeper coherence of cloud infrastructure. For good reasons: ‘As one moves further down the infrastructure stack, there is an increased likelihood of becoming reliant on one of the dominant players,’ she says.
In particular in the infrastructure-as-a-service (virtual machine) market, a small number of large players dominate the landscape, including Amazon, Cloudflare, and Microsoft. Since cloud providers offer various critical services such as DNS (Domain Name System) resolving, an attack on the cloud infrastructure can take down many other services that rely on that. The Domain Name System (DNS) is the phonebook of the Internet: humans access information online through domain names; DNS translates domain names into IP addresses.
Security risks
‘Our focus is on identifying vulnerabilities and single points of failure at the network and infrastructure level, using a data-driven approach,’ Sousan states. ‘This is a completely new approach in this research theme. By doing so, we contribute to a more comprehensive understanding of security risks in cloud environments.’
In the first phase of the research, Sousan delves deeply into fundamental questions: how is the cloud defined; how can it be characterized; and by what new methods of research can it be analysed?’ Using Open Intelligence as a tool, Sousan gains a deeper understanding of the market share and domination of the major cloud providers in different services such as DNS, mail and web hosting.
Conference
In a first publication at the NetSoft Conference in Madrid, in June 2023, Sousan’s research questions and research design were approved, specifying the testing method to detect clouds by open intelligence in combination with machine learning tools.
Sousan: ‘I am motivated to shed a new light on how people think about cloud identity and security issues. Relying on big providers is not a cure-all, in my opinion. On the contrary: small providers can be helpful to make businesses and organizations less vulnerable to business-threatening attacks and overall cybersecurity.’
‘It is still a long way to prove this convincingly,’ she says.‘The dynamics and impact of research determine my personal motivation. In this PhD project, it all comes together. Also for my future career I plan to find this balance again. A job in industry is especially interesting, in my experience, if the company or organization is open to develop new technologies and gives new research methods a fair chance. Working as an academic researcher could be fulfilling as well, if impact in society is a true motivation in addition to scientific publications.’
Would you like to tell something about your background?
I have a Bachelor's degree in Information Technology, and a master's degree in Secure Telecommunications.
Sousan worked on text steganography, covert channels and published a paper in machine learning and security, in collaboration with University of Padova.
How far along are you in your PhD program?
I am in the second year of my PhD, I started at Oct 2022.
Which faculty are you affiliated with?
EEMCS faculty/ DACS group: Design and Analysis of Communication Systems
Are you working full-time on your PhD research?
I am a full-time PhD researcher