The purpose of this directed project and related research was to demonstrate and catalog a new attack vector that utilizes cloud managed infrastructure. Cloud computing is a recent trend that is creating significant hype in the IT sector. Being that cloud computing is a new theme in the computing world, there are many security concerns that remain unknown and unexplored. The product of this directed project provides a documented taxonomy of the new attack vector and how to mitigate risk from this kind of attack.

The new attack vector creates efficiencies throughout the lifecycle of an attack and greatly reduces time and effort for the malicious user; however, efficiencies in time and effort are not the only characteristics of the demonstrated attack vector. This type of attack greatly increases the chance of success and reduces the odds of detection. All of these characteristics culminate to create a tool for the malicious user that is dangerous to every organization in existence.


information security, cloud enabled attack vector, security

Date of this Version



Computer Information Technology

Department Head

Jeffrey Whitten

Month of Graduation


Year of Graduation



Master of Science

Degree Type

Directed Project

Head of Graduate Program

Jeffrey Whitten

Advisor 1 or Chair of Committee

Phillip Rawles

Advisor 2

Anthony Smith

Committee Member 1

Raymond Hansen

Committee Member 2

Anthony Smith