Using Azure VMs for Research purposes

Question

Using Azure VMs for Research purposes

Bigboy-7680 20

Dear Community,

I am a research in computer security domain. I am considering to use Azure VM for my research. Before starting using it, I want to make sure my purposes is fully aligned with terms and usage.

I have two scenario for usage and need to know which one is fine. For first scenario, I want to host an internet facing customized application (web application or desktop application) on my server. Then wait to see what happens to it in reality. Will attackers are able to exploit it or not? My research is recording runtime behavior of attackers. We anticipate that attackers take advantage of VM resources including HDD(file system) and CPU(any cpu consumer application). Each experiment run will take around a 1 or 2 depending if it attracts anything. Is this usage aligned with Azure's terms and use?

I am using a customized forensic engine for recording runtime behavior of this application. Thus I am monitoring most possible side effects. For example, we will set BW limit to make sure no our machines will not contributes to long term DDoS.

Nikhil Duserla 8,015 Reputation points Microsoft External Staff Moderator

2025-01-06T17:41:33.85+00:00

Hi @Bigboy-7680,

Thank you for submitting your question to the Microsoft Q&A Platform. I am currently reviewing it and will respond shortly.

Accepted answer

0 additional answers

Your answer

Nikhil Duserla 8,015 Reputation points Microsoft External Staff Moderator

2025-01-06T17:41:33.85+00:00

Hi @Bigboy-7680,

Thank you for submitting your question to the Microsoft Q&A Platform. I am currently reviewing it and will respond shortly.

Answer 1

Nikhil Duserla 8,015 Microsoft External Staff Moderator

Hi @Bigboy-7680,

Thank you for your patience.

Based on your scenario, it seems like you want to use Azure VMs to host an internet-facing customized application and monitor its runtime behavior to see if attackers can exploit it. Knowing that your data is secure and protected in highly secure data centers, while an Azure virtual machine offers the advantages of virtualization without the need to purchase and manage the physical hardware.

This usage is aligned with Azure's terms and use, as long as you comply with Azure's Acceptable Use Policy and do not engage in any illegal or harmful activities.

It's important to note that Azure provides a secure and compliant cloud platform, but the security of your application ultimately depends on how you configure and manage it. You should follow Azure's security best practices and guidelines to ensure that your application is secure and protected against attacks.

All Microsoft employees are trained to identify and escalate potential security incidents. A dedicated team of security engineers within the Microsoft Security Response Center (MSRC) is responsible for always managing the security incident response for Azure.

With Azure, you can build security-enhanced, compliant solutions that:

Protect your virtual machines from viruses and malware.
Encrypt your sensitive data.
Secure network traffic.
Identify and detect threats.
Meet compliance requirements.

If the information is helpful, please consider by clicking the "Accept answer and Upvote" on the post.

Nikhil Duserla 8,015 Reputation points Microsoft External Staff Moderator

2025-01-08T13:54:26.51+00:00

Hi @Bigboy-7680,

Did you have a chance to check if the information provided above was helpful? If it was, please consider it a token of appreciation.

If you have any further questions, feel free to let us know.
Bigboy-7680 20 Reputation points

2025-01-09T03:07:16.18+00:00

Thanks for replying this question. For research purposes, can we also host vulnerable app (for example Apache+ vulnerable log4j plugin) for recording runtime behavior while we already know what part of application is vulnerable?
In another scenario, Do you have any specific environment for running malware? We want to use forensic engine for recording behavior of system. The experiment lifetime is super short (like 5min).

For sure, in two scenarios, our setup will not contribute to DDoS traffic and we will try to minimize the risk of illegal activity in the research.

Thanks.
Nikhil Duserla 8,015 Reputation points Microsoft External Staff Moderator

2025-01-09T16:23:51.95+00:00

Hi @Bigboy-7680,

Thank you for contacting us again.

It is typically permissible to host a vulnerable application on an Azure VM for research purposes, provided it aligns with Azure's terms and conditions. However, it is crucial to ensure that the vulnerable application does not create security risks for other users or the Azure platform. Additionally, you should implement proper security measures and continuously monitor the application for any potential attacks.

When it comes to running malware, Azure offers a range of security tools and features, such as Azure Security Center and Azure Defender, to help protect your virtual machines. However, running malware on an Azure VM is typically prohibited due to the potential security risks it may pose to other users and the platform. If you need to run malware for research, it is advisable to use a dedicated, isolated environment that is disconnected from the internet and does not threaten the security of other users or the Azure platform.

In both scenarios, it is important to ensure that your research is ethical, legal, and compliant with Azure's terms and usage.

If you have any further questions or concerns, please let me know. We are happy to assist you!

Share via

Using Azure VMs for Research purposes

0 additional answers

Your answer