A System for Detecting Malicious Insider Data Theft in IaaS Cloud Environments

The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems

A survey on security issues and solutions at different layers of Cloud computing

Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment

A survey of intrusion detection techniques in Cloud

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks

Security Challenges from Abuse of Cloud Service Threat

Cloud computing is an ever-growing technology that leverages dynamic and versatile provision of computational resources and services. In spite of countless benefits that cloud service has to offer, there is always a security concern for new threats and risks. The paper provides a useful introduction to the rising security issues of Abuse of cloud service threat, which has no standard security measures to mitigate its risks and vulnerabilities. The threat can result an unbearable system gridlock and can make cloud services unavailable or even complete shutdown. The study has identified the potential challenges, as BotNet, BotCloud, Shared Technology Vulnerability and Malicious Insiders, from Abuse of cloud service threat. It has further described the attacking methods, impacts and the reasons due to the identified challenges. The study has evaluated the current available solutions and proposed mitigating security controls for the security risks and challenges from Abuse of cloud services threat

Detection Of Insider Attacks In Block Chain Network Using The Trusted Two Way Intrusion Detection System

For data privacy, system reliability, and security, Blockchain technologies have become more popular in recent years. Despite its usefulness, the blockchain is vulnerable to cyber assaults; for example, in January 2019 a 51% attack on Ethereum Classic successfully exposed flaws in the platform's security. From a statistical point of view, attacks represent a highly unusual occurrence that deviates significantly from the norm. Blockchain attack detection may benefit from Deep Learning, a field of study whose aim is to discover insights, patterns, and anomalies within massive data repositories. In this work, we define an trusted two way intrusion detection system based on a Hierarchical weighed fuzzy algorithm and self-organized stacked network (SOSN) deep learning model, that is trained exploiting aggregate information extracted by monitoring blockchain activities. Here initially the smart contract handles the node authentication. The purpose of authenticating the node is to ensure that only specific nodes can submit and retrieve the information. We implement Hierarchical weighed fuzzy algorithm to evaluate the trust ability of the transaction nodes. Then the transaction verification step ensures that all malicious transactions or activities on the submitted transaction by self-organized stacked network deep learning model. The whole experimentation was carried out under matlab environment. Extensive experimental results confirm that our suggested detection method has better performance over important indicators such as Precision, Recall, F-Score, overhead

Impact and key challenges of insider threats on organizations and critical businesses

The insider threat has consistently been identified as a key threat to organizations and governments. Understanding the nature of insider threats and the related threat landscape can help in forming mitigation strategies, including non-technical means. In this paper, we survey and highlight challenges associated with the identification and detection of insider threats in both public and private sector organizations, especially those part of a nation’s critical infrastructure. We explore the utility of the cyber kill chain to understand insider threats, as well as understanding the underpinning human behavior and psychological factors. The existing defense techniques are discussed and critically analyzed, and improvements are suggested, in line with the current state-of-the-art cyber security requirements. Finally, open problems related to the insider threat are identified and future research directions are discussed

Combating cyber attacks in cloud computing using machine learning techniques.

An extensive investigative survey on Cloud Computing with the main focus on gaps that is slowing down Cloud adoption as well as reviewing the threat remediation challenges. Some experimentally supported thoughts on novel approaches to address some of the widely discussed cyber-attack types using machine learning techniques. The thoughts have been constructed in such a way so that Cloud customers can detect the cyber-attacks in their VM without much help from Cloud service provide