*5.1. Lab Setup*

To demonstrate the attack we set up a test-bed that, on the one hand, mimicked a cloud environment with a Docker Swarm and multiple client's services; and, on the other hand, included a typical attackers' tool set.

Cloud nodes were simulated using virtual machines that ran the Ubuntu guest OS. We set up a Docker Swarm cluster in which all hosts were both manager and worker hosts. In addition, an external laptop was used as the attacking machine. The laptop ran the Kali Linux operating system version 2019.3.

One important tool that we used was the Metasploit framework [32], an open-source framework supporting various penetration testing tasks.

The lab's architecture is shown in Figure 4.

**Figure 4.** Diagram of the attack steps.
