C. Phillips and L. P. Swiler, A graph-based system for network-vulnerability analysis, Proceedings of the 1998 workshop on New security paradigms, pp.71-79, 1998.

L. P. Swiler, C. Phillips, D. Ellis, and S. Chakerian, Computer-attack graph generation tool, DARPA Information Survivability Conference & Exposition II, 2001. DISCEX'01. Proceedings, vol.2, pp.307-321, 2001.

O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing, Automated generation and analysis of attack graphs, Proceedings. 2002 IEEE Symposium on, pp.273-284, 2002.

O. Sheyner and J. Wing, Tools for generating and analyzing attack graphs, International Symposium on Formal Methods for Components and Objects, pp.344-371, 2003.

P. Ammann, J. Pamula, R. Ritchey, and J. Street, A host-based approach to network attack chaining analysis, Computer Security Applications Conference, p.10, 2005.

P. Ammann, D. Wijesekera, and S. Kaushik, Scalable, graph-based network vulnerability analysis, Proceedings of the 9th ACM Conference on Computer and Communications Security, pp.217-224, 2002.

S. Jajodia, S. Noel, and B. O'berry, Topological analysis of network attack vulnerability, Managing Cyber Threats, pp.247-266, 2005.

K. Ingols, R. Lippmann, and K. Piwowarski, Practical attack graph generation for network defense, Computer Security Applications Conference, 2006. ACSAC'06. 22nd Annual, pp.121-130, 2006.

, SDN Architecture -Open Networking Foundation

. Accessed, , p.135, 2019.

, Cloud management platform architecture

. Accessed, , 2019.

, Specification, OpenFlow Switch, V1. 3.1," tech. rep., Open Networking Foundation, 2012.

, Specification, OpenFlow Switch, V1. 5.1," tech. rep., Open Networking Foundation, 2015.

, AWS template -asynchronous online gaming

. Accessed, , 2019.

. Gartner, Gartner revenue prediction, 2018.

. Accessed, , 2019.

. Gartner, Gartner revenue prediction 2017

. Accessed, , 2019.

T. Garfinkel and M. Rosenblum, When virtual is harder than real: Security challenges in virtual machine based computing environments, HotOS, 2005.

K. Hashizume, D. G. Rosado, E. Fernández-medina, and E. B. Fernandez, An analysis of security issues for cloud computing, Journal of internet services and applications, vol.4, issue.1, p.5, 2013.

O. Abdelrahem, A. M. Bahaa-eldin, and A. Taha, Virtualization security: A survey, Computer Engineering & Systems (ICCES), 2016 11th International Conference on, pp.32-40, 2016.

J. Oberheide, E. Cooke, and F. Jahanian, Exploiting live virtual machine migration, BlackHat DC Briefings, 2008.

, Survey report: Behind the growing confidence in cloud security, tech. rep., MIT SMR Custom Studio, 2017.

M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas et al., , 2018.

P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg et al., Spectre attacks: Exploiting speculative execution, 2018.

K. Kortchinsky, Cloudburst: A vmware guest to host escape story, Black Hat USA, vol.19, 2009.

N. Poolsappasit, R. Dewri, and I. Ray, Dynamic security risk management using bayesian attack graphs, IEEE Transactions on Dependable and Secure Computing, vol.9, issue.1, pp.61-74, 2012.

S. Noel, S. Jajodia, L. Wang, and A. Singhal, Measuring security risk of networks using attack graphs, International Journal of Next-Generation Computing, vol.1, issue.1, pp.135-147, 2010.

L. Wang, S. Jajodia, A. Singhal, and S. Noel, k-zero day safety: Measuring the security risk of networks against unknown attacks, European Symposium on Research in Computer Security, pp.573-587, 2010.

S. Jha, O. Sheyner, and J. Wing, Two formal analyses of attack graphs, Computer Security Foundations Workshop, pp.49-63, 2002.

S. Noel and S. Jajodia, Optimal ids sensor placement and alert prioritization using attack graphs, Journal of Network and Systems Management, vol.16, issue.3, pp.259-275, 2008.

C. Liu, A. Singhal, and D. Wijesekera, Using attack graphs in forensic examinations, 2012 Seventh International Conference on, pp.596-603, 2012.

W. Kanoun, S. Papillon, and S. Dubus, Elementary risks: Bridging operational and strategic security realms, 11th International Conference on Signal-Image Technology & Internet-Based Systems, pp.278-286, 2015.

T. Garfinkel and M. Rosenblum, A virtual machine introspection based architecture for intrusion detection, Ndss, vol.3, pp.191-206, 2003.

B. Dolan-gavitt, T. Leek, M. Zhivich, J. Giffin, and W. Lee, Virtuoso: Narrowing the semantic gap in virtual machine introspection, p.2011

, IEEE Symposium on, pp.297-312, 2011.

B. D. Payne, Simplifying virtual machine introspection using libvmi, pp.43-44, 2012.

S. Rigas, G. Debrosses, K. Haralampidis, F. Vicente-angulo, K. A. Feldman et al., Trh1 encondes a potassium transporter required for tip growth in arabidopsis root hairs, The Plant Cell, vol.13, p.137, 2001.

R. Motamedi, R. Rejaie, and W. Willinger, A survey of techniques for internet topology discovery, IEEE Communications Surveys & Tutorials, vol.17, issue.2, pp.1044-1065, 2015.

B. Donnet and T. Friedman, Internet topology discovery: a survey, IEEE Communications Surveys and Tutorials, vol.9, issue.4, pp.2-15, 2007.
URL : https://hal.archives-ouvertes.fr/hal-01151820

C. Fraleigh, S. Moon, B. Lyles, C. Cotton, M. Khan et al., Packet-level traffic measurements from the sprint IP backbone, IEEE Network, vol.17, pp.6-16, 2003.

W. Tu, P. Thangaraj, J. Chiang, and T. Chiueh, Automated service discovery for enterprise network management, 2009.

B. Eriksson, P. Barford, and R. Nowak, Network Discovery from Passive Measurements, Proceedings of the ACM SIGCOMM 2008 Conference on Data Communication, SIG-COMM '08, pp.291-302, 2008.

W. Stallings, SNMP, SNMPv2, SNMPv3, and RMON 1 and 2

. Addison-wesley, , 1998.

Y. Breitbart, M. Garofalakis, B. Jai, C. Martin, R. Rastogi et al., Topology discovery in heterogeneous IP networks: the NetInventory system, IEEE/ACM Transactions on Networking, vol.12, pp.401-414, 2004.

B. Lowekamp, D. O'hallaron, and T. Gross, Topology Discovery for Large Ethernet Networks, Proceedings of the 2001 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM '01, pp.237-248, 2001.

B. T. Nassu, T. Nanya, and E. P. Duarte, Topology discovery in dynamic and decentralized networks with mobile agents and swarm intelligence, Intelligent Systems Design and Applications, pp.685-690, 2007.

X. Jin, W. Yiu, G. S. Chan, and Y. Wang, Network topology inference based on endto-end measurements, IEEE Journal on Selected Areas in Communications, vol.24, issue.12, pp.2182-2195, 2006.

X. Jin, Y. Wang, and S. Chan, Fast overlay tree based on efficient end-to-end measurements, Communications, 2005. ICC 2005. 2005 IEEE International Conference on, vol.2, pp.1319-1323, 2005.

V. Jacobson, Traceroute software, p.138, 1988.

R. Siamwalla, R. Sharma, and S. Keshav, Discovering internet topology, 1998.

R. Bush, O. Maennel, M. Roughan, and S. Uhlig, Internet optometry: assessing the broken glasses in internet reachability, Proceedings of the 9th ACM SIGCOMM conference on Internet measurement, pp.242-253, 2009.

R. Beverly, A. Berger, and G. G. Xie, Primitives for active internet topology mapping: Toward high-frequency characterization, Proceedings of the 10th ACM SIGCOMM conference on Internet measurement, pp.165-171, 2010.

D. Mcrobb, K. Claffy, and T. Monk, Skitter: Caida's macroscopic internet topology discovery and tracking tool, 1999.

F. Georgatos, F. Gruber, D. Karrenberg, M. Santcroos, A. Susanj et al., Providing active measurements as a regular service for isps, 2001.

Y. Shavitt and E. Shir, Dimes: Let the internet measure itself, ACM SIGCOMM Computer Communication Review, vol.35, issue.5, pp.71-74, 2005.

B. Donnet, P. Raoult, T. Friedman, and M. Crovella, Efficient algorithms for large-scale topology discovery, ACM SIGMETRICS Performance Evaluation Review, vol.33, pp.327-338, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01491665

B. Donnet, T. Friedman, and M. Crovella, Improved algorithms for network topology discovery, International Workshop on Passive and Active Network Measurement, pp.149-162, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01487808

X. Ou, W. F. Boyer, and M. A. Mcqueen, A scalable approach to attack graph generation, Proceedings of the 13th ACM conference on Computer and communications security, pp.336-345, 2006.

X. Ou, S. Govindavajhala, and A. W. Appel, Mulval: A logic-based network security analyzer, USENIX Security Symposium, pp.8-8, 2005.

S. Zhong, D. Yan, and C. Liu, Automatic generation of host-based network attack graph, Computer Science and Information Engineering, vol.1, pp.93-98, 2009.

M. Dacier and Y. Deswarte, Privilege graph: an extension to the typed access matrix model, European Symposium on Research in Computer Security, p.139, 1994.

M. Dacier, Y. Deswarte, and M. Kaâniche, Quantitative assessment of operational security: Models and tools, pp.179-86, 1996.

S. Jajodia and S. Noel, Topological vulnerability analysis: A powerful new approach for network attack prevention, detection, and response," in Algorithms, architectures and information systems security, pp.285-305, 2009.

S. Jajodia and S. Noel, Topological vulnerability analysis, Cyber situational awareness, pp.139-154, 2010.

M. L. Artz, Netspa: A network security planning architecture, 2002.

R. W. Ritchey and P. Ammann, Using model checking to analyze network vulnerabilities, S&P 2000. Proceedings. 2000 IEEE Symposium on, pp.156-165, 2000.

C. Ramakrishnan and R. Sekar, Model-based analysis of configuration vulnerabilities 1, Journal of Computer Security, vol.10, issue.1-2, pp.189-209, 2002.

M. S. Barik, A. Sengupta, and C. Mazumdar, Attack graph generation and analysis techniques, Defence Science Journal, vol.66, issue.6, p.559, 2016.

J. T. Jing, L. W. Yong, D. M. Divakaran, and V. L. Thing, Augmenting mulval with automated extraction of vulnerabilities descriptions, Region 10 Conference, pp.476-481, 2017.

P. Rao, K. Sagonas, T. Swift, D. S. Warren, and J. Freire, Xsb: A system for efficiently computing well-founded semantics, International Conference on Logic Programming and Nonmonotonic Reasoning, pp.430-440, 1997.

A. Colmerauer, An introduction to prolog iii, Computational Logic, pp.37-79, 1990.

R. Lippmann, K. Ingols, C. Scott, K. Piwowarski, K. Kratkiewicz et al., Validating and restoring defense in depth using attack graphs, 2006.

, Accessed, 2019.

, Responsibilities in the cloud -microsoft developer website

. Accessed, , p.140, 2019.

R. J. Creasy, The origin of the vm/370 time-sharing system, IBM Journal of Research and Development, vol.25, issue.5, pp.483-490, 1981.

R. A. Meyer and L. H. Seawright, A virtual machine time-sharing system, IBM Systems Journal, vol.9, issue.3, pp.199-218, 1970.

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris et al., Xen and the art of virtualization, ACM SIGOPS operating systems review, vol.37, pp.164-177, 2003.

A. Wang, M. Iyer, R. Dutta, G. N. Rouskas, and I. Baldine, Network virtualization: Technologies, perspectives, and frontiers, Journal of Lightwave Technology, vol.31, issue.4, pp.523-537, 2013.

J. Moy, Rfc 7348: Virtual extensible local area network (vxlan): A framework for overlaying virtualized layer 2 networks over layer 3 networks, Tech. Rep, 2014.

P. Garg and Y. Wang, Nvgre: Network virtualization using generic routing encapsulation, 2015.

J. Gross, T. Sridhar, P. Garg, C. Wright, I. Ganga et al., Geneve: Generic network virtualization encapsulation, 2014.

, SNIA technical tutorial -storage virtualization, tech. rep., Storage Networking Industry Association (SNIA)

. Accessed, , 2019.

R. Sherwood and N. Spring, Touring the internet in a tcp sidecar, Proceedings of the 6th ACM SIGCOMM conference on Internet measurement, pp.339-344, 2006.

B. Donnet, P. Raoult, T. Friedman, and M. Crovella, Deployment of an algorithm for largescale topology discovery, IEEE journal on selected areas in communications, vol.24, issue.12, pp.2210-2220, 2006.
URL : https://hal.archives-ouvertes.fr/hal-01152941

B. Fabian, A. Baumann, and J. Lackner, Topological analysis of cloud service connectivity, Computers and Industrial Engineering, vol.88, pp.151-165, 2015.

S. Paredes, N. N. El-aawar, G. R. Ratterree, T. J. Williamson, and T. Wagner, Virtualized connectivity in a cloud services environment, 2012.

A. Us-patent, , p.589

L. Velasco, A. Asensio, J. L. Berral, A. Castro, and V. López, Towards a carrier sdn: An example for elastic inter-datacenter connectivity, Optics express, vol.22, issue.1, p.141, 2014.

S. Chen, S. Nepal, and R. Liu, Secure connectivity for intra-cloud and inter-cloud communication, Parallel Processing Workshops (ICPPW), 2011 40th International Conference on, pp.154-159, 2011.

T. Mundt and J. Vetterick, Network topology analysis in the cloud, Proceedings on the International Conference on Internet Computing (ICOMP), p. 1, The Steering Committee of The World Congress in Computer Science, Computer, 2011.

T. Madi, S. Majumdar, Y. Wang, M. Pourzandi, and L. Wang, Auditing security Compliance of the Virtualized Infrastructure in the Cloud: Application to OpenStack, 6th ACM Conference on Data and Application Security and Privacy ACM CODASPY 2016, 2016.

S. Bleikertz, C. Vogel, and T. Gross, Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized Infrastructures, Annual Computer Security Applications Conference (ACSAC), 2014.

S. Bleikertz, T. Gross, M. Schunter, and K. Eriksson, Automated Information Flow Analysis of Virtualized Infrastructures, Proceedings of the 16th European Conference on Research in Computer Security, ESORICS'11, pp.392-415, 2011.

P. Dinadayalan, S. Jegadeeswari, and D. Gnanambigai, Data security issues in cloud environment and solutions, Computing and Communication Technologies (WCCCT), 2014 World Congress on, pp.88-91, 2014.

M. D. Ryan, Cloud computing security: The scientific challenge, and a survey of solutions, Journal of Systems and Software, vol.86, issue.9, pp.2263-2268, 2013.

H. Takabi, J. B. Joshi, and G. Ahn, Security and privacy challenges in cloud computing environments, IEEE Security & Privacy, issue.6, pp.24-31, 2010.

M. Ali, S. U. Khan, and A. V. Vasilakos, Security in cloud computing: Opportunities and challenges, Information sciences, vol.305, pp.357-383, 2015.

N. C. Paxton, Cloud security: a review of current issues and proposed solutions, Collaboration and Internet Computing (CIC), pp.452-455, 2016.

N. H. Rahman and K. R. Choo, A survey of information security incident handling in the cloud, Computers & Security, vol.49, pp.45-69, 2015.

N. Kheir, N. Cuppens-boulahia, F. Cuppens, and H. Debar, A service dependency model for cost-sensitive intrusion response, European Symposium on Research in Computer Security, p.142, 2010.
URL : https://hal.archives-ouvertes.fr/hal-01164601

A. Shameli-sendi, N. Ezzati-jivan, M. Jabbarifar, and M. Dagenais, Intrusion response systems: survey and taxonomy, Int. J. Comput. Sci. Netw. Secur, vol.12, issue.1, pp.1-14, 2012.

C. Chung, P. Khatkar, T. Xing, J. Lee, and D. Huang, Nice: Network intrusion detection and countermeasure selection in virtual network systems, IEEE transactions on dependable and secure computing, vol.10, issue.4, pp.198-211, 2013.

O. Mjihil, D. S. Kim, and A. Haqiq, Masat: Model-based automated security assessment tool for cloud computing, Information Assurance and Security (IAS), 2015 11th International Conference on, pp.97-103, 2015.

N. Alhebaishi, L. Wang, S. Jajodia, and A. Singhal, Threat modeling for cloud data center infrastructures, International Symposium on Foundations and Practice of Security, pp.302-319, 2016.

S. Bleikertz, M. Schunter, C. W. Probst, D. Pendarakis, and K. Eriksson, Security audits of multi-tier virtual infrastructures in public infrastructure clouds, Proceedings of the 2010 ACM workshop on Cloud computing security workshop, pp.93-102, 2010.

D. Perez-botero, J. Szefer, and R. B. Lee, Characterizing hypervisor vulnerabilities in cloud computing servers, Proceedings of the 2013 international workshop on Security in cloud computing, pp.3-10, 2013.

S. T. King and P. M. Chen, Subvirt: Implementing malware with virtual machines, Security and Privacy, 2006 IEEE Symposium on, p.14, 2006.

T. Katsuki, Crisis: The advanced malware, Internet security threat report-2013., Symantec Corporation, vol.18, 2012.

I. Studnia, E. Alata, Y. Deswarte, M. Kaâniche, and V. Nicomette, Survey of security problems in cloud computing virtual machines, Computer and Electronics Security Applications Rendez-vous (C&ESAR 2012, p.61, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00761206

G. Pék, L. Buttyán, and B. Bencsáth, A survey of security issues in hardware virtualization, ACM Computing Surveys (CSUR), vol.45, issue.3, p.40, 2013.

J. S. Reuben, A survey on virtual machine security, Helsinki University of Technology, vol.2, issue.36, 2007.

P. Ferrie, Attacks on more virtual machine emulators, Symantec Technology Exchange, vol.55, p.143, 2007.

T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds, Proceedings of the 16th ACM conference on Computer and communications security, pp.199-212, 2009.

A. Gkortzis, S. Rizou, and D. Spinellis, An empirical analysis of vulnerabilities in virtualization technologies, Cloud Computing Technology and Science, p.2016

, IEEE International Conference on, pp.533-538, 2016.

F. Zhang, J. Chen, H. Chen, and B. Zang, Cloudvisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization, Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp.203-216, 2011.

T. Probst, Evaluation et analyse des mécanismes de sécurité des réseaux dans les infrastructures virtuelles de cloud computing

. Phd-thesis and . Toulouse, , 2015.

P. Mensah, S. Dubus, W. Kanoun, C. Morin, G. Piolle et al., Connectivity graph reconstruction for networking cloud infrastructures, 2017 IEEE 16th International Symposium on, pp.1-9, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01612988

P. R. Halmos and A. H. Book, Graduate Texts in Mathematics

. Springer, , 1971.

J. Bang-jensen and G. Z. Gutin, Digraphs: theory, algorithms and applications, 2008.

K. Oracle, Oracle and KPMG Cloud Threat Report, tech. rep., Oracle and KPMG, 2018.

X. Ou and A. Singhal, Attack graph techniques," in Quantitative Security Risk Assessment of Enterprise Networks, pp.5-8, 2012.

L. Piètre-cambacédès and M. Bouissou, The promising potential of the bdmp formalism for security modeling, Proceedings of the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2009.

S. Kriaa, M. Bouissou, and L. Piètre-cambacédès, Modeling the stuxnet attack with bdmp: Towards more formal risk assessments, Risk and Security of Internet and Systems (CRiSIS), 2012 7th International Conference on, pp.1-8, 2012.
URL : https://hal.archives-ouvertes.fr/hal-01222960

, Apache cloudstack, 2019.

, Eucalyptus

. Accessed, , 2019.

, ONOS

. Accessed, , 2019.

, Opendaylight

. Accessed, , 2019.

, Neo4j

. Accessed, , 2019.

S. Jouili and V. Vansteenberghe, An empirical comparison of graph databases, 2013 International Conference on, pp.708-715, 2013.

R. Bolze, F. Cappello, E. Caron, M. Daydé, F. Desprez et al., Grid'5000: A large scale and highly reconfigurable experimental grid testbed, The International Journal of High Performance Computing Applications, vol.20, issue.4, pp.481-494, 2006.
URL : https://hal.archives-ouvertes.fr/hal-00684943

. Rightscale, State Of The Cloud Report, tech. rep, 2017.