Implicit Sensor-based Authentication of Smartphone Users with Smartwatch

Smartphones are now frequently used by end-users as the portals to cloud-based services, and smartphones are easily stolen or co-opted by an attacker. Beyond the initial log-in mechanism, it is highly desirable to re-authenticate end-users who are continuing to access security-critical services and data, whether in the cloud or in the smartphone. But attackers who have gained access to a logged-in smartphone have no incentive to re-authenticate, so this must be done in an automatic, non-bypassable way. Hence, this paper proposes a novel authentication system, iAuth, for implicit, continuous authentication of the end-user based on his or her behavioral characteristics, by leveraging the sensors already ubiquitously built into smartphones. We design a system that gives accurate authentication using machine learning and sensor data from multiple mobile devices. Our system can achieve 92.1% authentication accuracy with negligible system overhead and less than 2% battery consumption.Comment: Published in Hardware and Architectural Support for Security and Privacy (HASP), 201

Analysis of technical implementations of security processes for cloud computing services

Створення автоматизованої системи аналізу журналів для виявлення аномалій і загроз безпеки в комп'ютерній системі // Кваліфікаційна робота ОР «Бакалавр» //Микитюк Тарас Володимирович// Тернопільський національний технічний університет імені Івана Пулюя, факультет комп’ютерно-інформаційних систем і програмної інженерії, кафедра кібербезпеки, група СБ-41 // Тернопіль, 2023 // С. – 52, рис. – 25, ліст. – 3.Парадигма хмарних обчислень стала основним рішенням для розгортання бізнес-процесів і програм. У загальнодоступному хмарному баченні послуги інфраструктури, платформи та програмного забезпечення надаються споживачам (тобто клієнтам і постачальникам послуг) на основі оплати за використання. Орендарі хмари можуть використовувати хмарні ресурси за нижчими цінами, з вищою продуктивністю та гнучкістю, ніж традиційні локальні ресурси, не турбуючись про керування інфраструктурою. Тим не менш, орендарі хмари залишаються стурбовані рівнем обслуговування хмари та нефункціональними властивостями, на які можуть розраховувати їхні програми. В останні кілька років дослідницьке співтовариство зосередилося на нефункціональних аспектах парадигми хмари, серед яких виділяється безпека хмари. Дослідження в цій роботі зосереджено на інтерфейсі між безпекою в хмарі та процесами забезпеченням безпеки в хмарі. По-перше, пропонується огляд рівня безпеки в хмарі. Потім подано поняття забезпечення безпеки хмари та аналіз його зростаючого впливу. В роботі наведено ряд рекомендацій стосовно безпеки при використанні хмарних обчислень.The cloud computing paradigm has become the primary solution for deploying business processes and applications. In the public cloud vision, infrastructure, platform, and software services are provided to tenants (i.e., customers and service providers) on a actually utilized services fee basis. Cloud clients can use cloud resources at lower prices, with higher performance and flexibility than traditional on-premises resources. They do not worry about infrastructure management. However, cloud tenants remain concerned about cloud service levels and the non-functional features their applications can expect. Recent few years, the major researches was focused on the non-functional aspects of the cloud computing paradigm, with cloud security standing out. The research in this paper focuses on the interface between cloud security and cloud security processes. First, we provide an overview of the current state of cloud security. We then introduce the concept of cloud security and analyze its growing impact. The work gives a number of recommendations regarding security when using cloud computing for development.ВСТУП ... 7 РОЗДІЛ 1. АНАІЗ ПРОБЛЕМИ ФОРМУВАННЯ ВИМОГ В РОЗПОДІЛЕНИХ КОМАНДАХ ... 9 1.1 Критерії відбору ... 9 1.2 Виділення характеристик безпеки хмарних обчислень ... 10 1.3 Висновки до розділу ... 12 РОЗДІЛ 2. АНАЛІЗ ПУБЛІКАЦІЙ ВІДПОВІДНО ДО КЛАСИФІКАЦІЇ ... 13 2.1 Вразливості, загрози та атаки ... 13 2.1.1 Рівень програми ... 13 2.1.2 Рівень клієнт-клієнт ... 14 2.1.3 Рівень провайдер-клієнт та клієнт-провайдер ... 15 2.2 Безпека хмарних сервісів ... 16 2.2.1 Шифрування ... 17 2.2.2 Сигнатури ... 20 2.2.3 Управління доступом ... 21 2.2.4 Аутентифікація ... 23 2.2.5 Довірені обчислення ... 23 2.2.6 IDS/IPS ... 24 2.2.7 Узагальнення огляду методик забезпечення безпеки в хмарі ... 27 2.3 Забезпечення безпеки ... 27 2.3.1 Тестування ... 30 2.3.2 Моніторинг ... 30 2.3.3 Атестація ... 31 2.3.4 Хмарний аудит/відповідність ... 32 2.3.5 Угода про рівень обслуговування (SLA) ... 33 2.3.6 Узагальнення методів гарантування безпеки ... 34 2.4 Узагальнення результатів огляду літературних джерел ... 34 РОЗДІЛ 3. БЕЗПЕКА ЖИТТЄДІЯЛЬНОСТІ, ОСНОВИ ОХОРОНИ ПРАЦІ ... 41 3.1 Охорона праці та її актуальність в ІТ-сфері ... 41 3.2 Шкідлива дія шуту та вібрації і захист від неї ... 45 ВИСНОВОК ... 51 ПЕРЕЛІК ПОСИЛАНЬ ... 5

Pattern Analytical Module for EDOS Attacker Recognition

Abstract: Cloud computing has provided a platform to its users where they are charged on the basis of usage of the cloud resources; this is known as "pay-as-you-use". Today, Cloud computin

Security Challenges from Abuse of Cloud Service Threat

Cloud computing is an ever-growing technology that leverages dynamic and versatile provision of computational resources and services. In spite of countless benefits that cloud service has to offer, there is always a security concern for new threats and risks. The paper provides a useful introduction to the rising security issues of Abuse of cloud service threat, which has no standard security measures to mitigate its risks and vulnerabilities. The threat can result an unbearable system gridlock and can make cloud services unavailable or even complete shutdown. The study has identified the potential challenges, as BotNet, BotCloud, Shared Technology Vulnerability and Malicious Insiders, from Abuse of cloud service threat. It has further described the attacking methods, impacts and the reasons due to the identified challenges. The study has evaluated the current available solutions and proposed mitigating security controls for the security risks and challenges from Abuse of cloud services threat

A survey of denial-of-service and distributed denial of service attacks and defenses in cloud computing

Cloud Computing is a computingmodel that allows ubiquitous, convenient and on-demand access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications and services). Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious threats to the Cloud services’ availability due to numerous new vulnerabilities introduced by the nature of the Cloud, such as multi-tenancy and resource sharing. In this paper, new types of DoS and DDoS attacks in Cloud Computing are explored, especially the XML-DoS and HTTP-DoS attacks, and some possible detection and mitigation techniques are examined. This survey also provides an overview of the existing defense solutions and investigates the experiments and metrics that are usually designed and used to evaluate their performance, which is helpful for the future research in the domain

If you want to know about a hunter, study his prey: detection of network based attacks on KVM based cloud environments

Computational systems are gradually moving towards Cloud Computing Infrastructures, using the several advantages they have to offer and especially the economic advantages in the era of an economic crisis. In addition to this revolution, several security matters emerged and especially the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency and network stressing attacks in the kernel layer of a Kvm-based cloud environment, using an implementation of the Smith-Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness

Combating DDoS attacks in the cloud: Requirements, trends, and future directions

An overview of DDoS attacks against cloud targets is presented, together with solution requirements, and a guideline for efficient solutions, leading to a novel multilevel alert-flow. To orchestrate future solutions, we give a vision towards novel "Detection Near Impossible" attacks

Cyber-Storms Come from Clouds: Security of Cloud Computing in the IoT Era

The Internet of Things (IoT) is rapidly changing our society to a world where every "thing" is connected to the Internet, making computing pervasive like never before. This tsunami of connectivity and data collection relies more and more on the Cloud, where data analytics and intelligence actually reside. Cloud computing has indeed revolutionized the way computational resources and services can be used and accessed, implementing the concept of utility computing whose advantages are undeniable for every business. However, despite the benefits in terms of flexibility, economic savings, and support of new services, its widespread adoption is hindered by the security issues arising with its usage. From a security perspective, the technological revolution introduced by IoT and Cloud computing can represent a disaster, as each object might become inherently remotely hackable and, as a consequence, controllable by malicious actors. While the literature mostly focuses on security of IoT and Cloud computing as separate entities, in this article we provide an up-to-date and well-structured survey of the security issues of Cloud computing in the IoT era. We give a clear picture of where security issues occur and what their potential impact is. As a result, we claim that it is not enough to secure IoT devices, as cyber-storms come from Clouds

From security to assurance in the cloud: a survey

The cloud computing paradigm has become a mainstream solution for the deployment of business processes and applications. In the public cloud vision, infrastructure, platform, and software services are provisioned to tenants (i.e., customers and service providers) on a pay-as-you-go basis. Cloud tenants can use cloud resources at lower prices, and higher performance and flexibility, than traditional on-premises resources, without having to care about infrastructure management. Still, cloud tenants remain concerned with the cloud's level of service and the nonfunctional properties their applications can count on. In the last few years, the research community has been focusing on the nonfunctional aspects of the cloud paradigm, among which cloud security stands out. Several approaches to security have been described and summarized in general surveys on cloud security techniques. The survey in this article focuses on the interface between cloud security and cloud security assurance. First, we provide an overview of the state of the art on cloud security. Then, we introduce the notion of cloud security assurance and analyze its growing impact on cloud security approaches. Finally, we present some recommendations for the development of next-generation cloud security and assurance solutions