Sharing is Caring: Towards Analyzing Attack Surfaces on Shared Hosting Providers
- Abstract In this paper, we shed light on shared hosting services’ security and trust implications and measure their attack surfaces. To do so, we analyzed 30 shared hosters and found that all of them might leak relevant information, which could be abused unnoticed. An adversary could use this attack surface to covertly extract data from various third parties registered with a shared hoster. Furthermore, we found that most hosters suffer from vulnerabilities that can be used by an internal attacker (i.e., someone using the service) to compromise other hosted services or the entire system.
| Author: | Jan HörnemannORCiD, Norbert PohlmannORCiD, Tobias UrbanORCiD, Matteo Große-KampmannORCiD |
|---|---|
| DOI: | https://doi.org/10.18420/sicherheit2024_014 |
| Parent Title (English): | Sicherheit 2024. Lecture Notes in Informatics (LNI), Full Paper Session 7 – Netzwerk- und Softwaresicherheit. Worms. 09.-11.04.2024 |
| Publisher: | Gesellschaft für Informatik e.V. |
| Place of publication: | Bonn |
| Document Type: | Conference Proceeding |
| Language: | English |
| Date of Publication (online): | 2024/04/19 |
| Date of first Publication: | 2024/04/19 |
| Publishing Institution: | Westfälische Hochschule Gelsenkirchen Bocholt Recklinghausen |
| Release Date: | 2025/05/08 |
| Tag: | cloud computing; data leaks; shared hosting |
| Pagenumber: | 13 Seiten |
| First Page: | 217 |
| Last Page: | 229 |
| Departments / faculties: | Institute / Institut für Internetsicherheit |
| Licence (German): |  Creative Commons - Namensnennung - Nicht kommerziell |
