Date Added: Mar 2011
Many Cloud Service Providers (CSP) offer access to scalable, reliable computing resources following a pay-as-you-go model. Research into security of the Cloud focuses mainly on protecting legitimate users of Cloud services from attacks by external, malicious users. Little attention is given to prohibit malicious users from using the Cloud to launch attacks, such as those currently done by botnets. These attacks include launching a DDoS attack, sending spam and perpetrating click fraud. This paper discusses the threat of Cloud-based botnets, or botclouds and the need for new techniques to detect them. Two experiments show how simple and cheaply these attacks can be launched from botclouds.