Jia Xu,Jia Yan,Liang He,Purui Su,Dengguo Feng

DOI: https://doi.org/10.1109/CloudCom.2010.16

2010-01-01

Abstract:Massive Internet invasions implemented through the distributed platform fabricated by rapid diffusion of malwares, has become a significant issue in network security. We argue that the notion of “Collaborative Security” is an emerging trend in resisting distributed attacks originated from malware. Therefore, this paper proposes a new architecture: CloudSEC, for composing collaborative security-related services in clouds, such as correlated intrusion analysis, anti-spam, anti-DDOS, automated malware detection and containment. CloudSEC is modeled as a dynamic peer-to-peer overlay hierarchy with three types of top-down architectural components. Based on, this architecture, both data distribution and task scheduling overlays can be simultaneously implemented in a loosely coupled fashion, which can efficiently retrieve data resources from heterogeneous network security facilities, and harness distributed collection of computational resources to process data-intensive tasks. Hence, CloudSEC endues the network security infrastructure with the capability of dynamic adaptation and collaboration on an inter-organizational scale. The results of preliminary evaluation demonstrate that, CloudSEC not only delivers a sample service of distributed intrusion correlation with high scalability and robustness, but also achieves remarkable effectiveness in data sharing and task scheduling.

Hootan Alavizadeh,Hooman Alavizadeh,Julian Jang-Jaccard

DOI: https://doi.org/10.1109/trustcom50675.2020.00171

2020-12-01

Abstract:The cloud model allows many enterprises able to outsource computing resources at an affordable price without having to commit the expense upfront. Although the cloud providers are responsible for the security of the cloud, there are still many security concerns due to inherently complex model the cloud providers operate on (e.g.,multi-tenancy). In addition, the enterprises whose services have migrated into the cloud have a preference for their own cybersecurity situation awareness capability on top of the security mechanisms provided by the cloud providers. In this way, the enterprises can monitor the performance of the security offerings of the cloud and have a choice to decide and select potential response strategies more appropriate to the enterprise in the presence of the attack where the defense provided by the cloud doesn't work for them. However, some response strategies, such as Moving Target Defense (MTD) techniques shown to be effective to secure cloud, cannot be deployed by the enterprise themselves. In this paper, we propose a framework that enables better collaboration between enterprises and cloud providers. Our proposed framework, which offers more in-depth security analysis based on the set of most advanced security metrics, allows the security experts of the enterprise to obtain better situational awareness in the cloud. With better and more effective situation awareness of cloud security, our framework can support better decision-making and further allows to deploy more appropriate threat responses to protect the outsourced resources. We also propose a secure protocol which can facilitate more secure communication between the enterprises and cloud provider. Using our proposed secure protocol, which is based on authentication and key exchange mechanism, the enterprises can send a secure request to the cloud provider to perform a selected defensive strategy.

David W. Chadwick,Wenjun Fan,Gianpiero Costantino,Rogerio de Lemos,Francesco Di Cerbo,Ian Herwono,Mirko Manea,Paolo Mori,Ali Sajjad,Xiao-Si Wang

DOI: https://doi.org/10.1016/j.future.2019.06.026

IF: 7.307

2020-01-01

Future Generation Computer Systems

Abstract:Cyber-attacks affect every aspect of our lives. These attacks have serious consequences, not only for cyber-security, but also for safety, as the cyber and physical worlds are increasingly linked. Providing effective cyber-security requires cooperation and collaboration among all the entities involved. Increasing the amount of cyber threat information (CTI) available for analysis allows better prediction, prevention and mitigation of cyber-attacks. However, organizations are deterred from sharing their CTI over concerns that sensitive and confidential information may be revealed to others. We address this concern by providing a flexible framework that allows the confidential sharing of CTI for analysis between collaborators. We propose a five-level trust model for a cloud-edge based data sharing infrastructure. The data owner can choose an appropriate trust level and CTI data sanitization approach, ranging from plain text, through anonymization/pseudonymization to homomorphic encryption, in order to manipulate the CTI data prior to sharing it for analysis. Furthermore, this sanitization can be performed by either an edge device or by the cloud service provider, depending upon the level of trust the organization has in the latter. We describe our trust model, our cloud-edge infrastructure, and its deployment model, which are designed to satisfy the broadest range of requirements for confidential CTI data sharing. Finally we briefly describe our implementation and the testing that has been carried out so far by four pilot projects that are validating our infrastructure.

Victor Chang,Yen-Hung Kuo,Muthu Ramachandran

DOI: https://doi.org/10.1016/j.future.2015.09.031

IF: 7.307

2016-04-01

Future Generation Computer Systems

Abstract:This article presents a cloud computing adoption framework (CCAF) security suitable for business clouds. CCAF multilayered security is based on the development and integration of three major security technologies: firewall, identity management, and encryption based on the development of enterprise file sync and share technologies. This article presents the vision, related works, and views on security framework. Core technologies have been explained in detail, and experiments were designed to demonstrate the robustness of the CCAF multilayered security. In penetration testing, CCAF multilayered security could detect and block 99.95% viruses and trojans, and could achieve ≥85% of blocking for 100 h of continuous attack. Detection and blocking took <0.012s/trojan or virus. A full CCAF multilayered security protection could block all SQL (structured query language) injection, providing real protection to data. CCAF multilayered security did not report any false alarm. All F-measures for CCAF test results were ≥99.75%. The mechanism of blending of CCAF multilayered security with policy, real services, and business activities has been illustrated. Research contributions have been justified and CCAF multilayered security can be beneficial for volume, velocity, and veracity of big data services operated in the cloud.

Lei Zhou,Wei Qi Yan,Yun Shu,Jian Yu

DOI: https://doi.org/10.4018/IJDCF.2018010107

2018-01-01

Abstract:AbstractA large amount of surveillance videos and images need sufficient storage. In this article, an architecture of cloud-based surveillance systems and its modules will be designed, the Cloud-based Visual Surveillance System CVSS will be implemented on a private cloud using a Virtual Machine VM. The users are able to link their cameras to the CVSS system so that the goal of this design can be achieved. The authors' CVSS system is able to push notification messages of captured videos to receivers, and their users could receive a surveillance video along with its events. The CVSS system fully makes use of the merits of cloud computing, which make it more advanced as stated in the evaluation section of this article. The contributions of this article are to be implemented in the CVSS system with: 1 video stream input, 2 intelligent visual surveillance, 3 real-time video transcoding and storage, 4 message pushing and media streaming output.

Victor Chang,Muthu Ramachandran

DOI: https://doi.org/10.1109/tsc.2015.2491281

IF: 11.019

2016-01-01

IEEE Transactions on Services Computing

Abstract:Offering real-time data security for petabytes of data is important for cloud computing. A recent survey on cloud security states that the security of users' data has the highest priority as well as concern. We believe this can only be able to achieve with an approach that is systematic, adoptable and well-structured. Therefore, this paper has developed a framework known as Cloud Computing Adoption Framework (CCAF) which has been customized for securing cloud data. This paper explains the overview, rationale and components in the CCAF to protect data security. CCAF is illustrated by the system design based on the requirements and the implementation demonstrated by the CCAF multi-layered security. Since our Data Center has 10 petabytes of data, there is a huge task to provide real-time protection and quarantine. We use Business Process Modeling Notation (BPMN) to simulate how data is in use. The use of BPMN simulation allows us to evaluate the chosen security performances before actual implementation. Results show that the time to take control of security breach can take between 50 and 125 hours. This means that additional security is required to ensure all data is well-protected in the crucial 125 hours. This paper has also demonstrated that CCAF multi-layered security can protect data in real-time and it has three layers of security: 1) firewall and access control; 2) identity management and intrusion prevention and 3) convergent encryption. To validate CCAF, this paper has undertaken two sets of ethical-hacking experiments involved with penetration testing with 10,000 trojans and viruses. The CCAF multi-layered security can block 9,919 viruses and trojans which can be destroyed in seconds and the remaining ones can be quarantined or isolated. The experiments show although the percentage of blocking can decrease for continuous injection of viruses and trojans, 97.43 percent of them can be quarantined. Our CCAF multi-layered security has an average of 20 percent better performance than the single-layered approach which could only block 7,438 viruses and trojans. CCAF can be more effective when combined with BPMN simulation to evaluate security process and penetrating testing results.

computer science, information systems, software engineering

Weiliang Luo,Li Xu,Zhenxin Zhan,Qingji Zheng,Shouhuai Xu

DOI: https://doi.org/10.1007/978-1-4614-3296-8_7

2013-08-01

Abstract:Cyber threats against clouds have evolved rapidly. Traditional reactive cyber defense technologies are not effective and sufficient to protect federated clouds. This chapter introduces the novel federated cloud security architecture that includes proactive cloud defense technologies for secure and agile cloud development. The federated security architecture consists of a set of seamlessly integrated systematic security mechanisms at the application layer, the network layer and the system layer in federated cloud computing environments. Features of the architecture include: (1) it is centered on proactive cyber defense; (2) it facilitates to detect early warning cyber attacks against at one layer and deploy early warning signs of attacks to other layers for countermeasures; (3) it uses command and control (C2) to coordinate both in-cloud and cross-cloud defense activities via federated cloud security centers.

Gang Shi,Yuechen Yang

DOI: https://doi.org/10.1088/1742-6596/2095/1/012046

2021-11-01

Journal of Physics: Conference Series

Abstract:Abstract In the process of analysing and processing terminal sensor information, a large number of terminal sensors are needed to collect front-end information. These front-end data collection, analysis and processing require high real-time, and need the support of location aware mobile computing services. Traditional cloud computing architecture is not the best choice for service scenarios with high real-time requirements. The fog computing architecture is to extend cloud computing services to the edge of the sensor network, coupled with appropriate fitness algorithms, can effectively improve the information analysis and early warning response speed of the geological disaster information early warning system.

Hongwei Jiang

DOI: https://doi.org/10.12694/scpe.v24i4.2069

2023-11-17

Abstract:Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources. User’s data is stored in large database. The stored data can be accessed and modified by the clients over the Internet. The data is monitored by the Third Party Auditor (TPA) on behalf of the client. Therefore, integrity is lacked by the data stored on the servers. The data integrity is ensured by the cloud services that provide trust to the privacy of users. Aiming at the urgent problem of network data security in cloud computing operations, this paper proposed a security situation assessment system to grasp the security situation in real time. A set of cloud computing network data storage security is proposed. Through this model, the extraction of network data storage security situation elements, the design of network data storage security situation assessment scheme and the calculation method of network data storage security situation value are completed. The experimental results show the error of the predicted value obtained by the network data storage security situation assessment system. The effectiveness of the system model and the superiority of the improved algorithm is verified by the experimental results. This paper uses the cloud model to predict the cloud computing network security situation. On the other hand, the security situation value obtained by the situation assessment process can be used directly without training the original situation value. Performance improvement by the proposed technique over existing technique is seen and it is observe that the proposed technique is 23% and 34% better than the existing techniques.

English Else

ZeYuan Fu

DOI: https://doi.org/10.1371/journal.pone.0271546

IF: 3.7

2022-10-07

PLoS ONE

Abstract:To improve the cybersecurity of Cloud Computing (CC) system. This paper proposes a Network Anomaly Detection (NAD) model based on the Fuzzy-C-Means (FCM) clustering algorithm. Secondly, the Cybersecurity Assessment Model (CAM) based on Grey Relational Grade (GRG) is creatively constructed. Finally, combined with Rivest Shamir Adleman (RSA) algorithm, this work proposes a CC network-oriented data encryption technology, selects different data sets for different models, and tests each model through design experiments. The results show that the average Correct Detection Rate (CDR) of the NAD model for different types of abnormal data is 93.33%. The average False Positive Rate (FPR) and the average Unreported Rate (UR) are 6.65% and 16.27%, respectively. Thus, the NAD model can ensure a high detection accuracy in the case of sufficient data. Meanwhile, the cybersecurity situation prediction by the CAM is in good agreement with the actual situation. The error between the average value of cybersecurity situation prediction and the actual value is only 0.82%, and the prediction accuracy is high. The RSA algorithm can control the average encryption time for very large text, about 12s. The decryption time is slightly longer but within a reasonable range. For different-size text, the encryption time is maintained within 0.5s. This work aims to provide important technical support for anomaly detection, overall security situation analysis, and data transmission security protection of CC systems to improve their cybersecurity.

multidisciplinary sciences

Hootan Alavizadeh,Hooman Alavizadeh,Dong Seong Kim,Julian Jang-Jaccard,Masood Niazi Torshiz

DOI: https://doi.org/10.48550/arXiv.1904.01758

2019-04-03

Abstract:Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as eliminating the capital expense of their computing need. There are security vulnerabilities and threats in the cloud. Many researches have been proposed to analyze the cloud security using Graphical Security Models (GSMs) and security metrics. In addition, it has been widely researched in finding appropriate defensive strategies for the security of the cloud. Moving Target Defense (MTD) techniques can utilize the cloud elasticity features to change the attack surface and confuse attackers. Most of the previous work incorporating MTDs into the GSMs are theoretical and the performance was evaluated based on the simulation. In this paper, we realized the previous framework and designed, implemented and tested a cloud security assessment tool in a real cloud platform named UniteCloud. Our security solution can (1) monitor cloud computing in real-time, (2) automate the security modeling and analysis and visualize the GSMs using a Graphical User Interface via a web application, and (3) deploy three MTD techniques including Diversity, Redundancy, and Shuffle on the real cloud infrastructure. We analyzed the automation process using the APIs and showed the practicality and feasibility of automation of deploying all the three MTD techniques on the UniteCloud.

Cryptography and Security

Seoungmo An,Taehoon Eom,Jong Sou Park,Jin B. Hong,Armstrong Nhlabatsi,Noora Fetais,Khaled M. Khan,Dong Seong Kim

DOI: https://doi.org/10.48550/arXiv.1903.04271

2019-03-11

Abstract:Cloud computing has been adopted widely, providing on-demand computing resources to improve perfornance and reduce the operational costs. However, these new functionalities also bring new ways to exploit the cloud computing environment. To assess the security of the cloud, graphical security models can be used, such as Attack Graphs and Attack Trees. However, existing models do not consider all types of threats, and also automating the security assessment functions are difficult. In this paper, we propose a new security assessment tool for the cloud named CloudSafe, an automated security assessment for the cloud. The CloudSafe tool collates various tools and frameworks to automate the security assessment process. To demonstrate the applicability of the CloudSafe, we conducted security assessment in Amazon AWS, where our experimental results showed that we can effectively gather security information of the cloud and carry out security assessment to produce security reports. Users and cloud service providers can use the security report generated by the CloudSafe to understand the security posture of the cloud being used/provided.

Cryptography and Security

Ying Zhou,Guodong Zhao,Roobaea Alroobaea,Abdullah M. Baqasah,Rajan Miglani

DOI: https://doi.org/10.1515/jisys-2022-0037

2022-01-01

Journal of Intelligent Systems

Abstract:Abstract Due to the complexity and versatility of network security alarm data, a cloud-based network security data extraction method is proposed to address the inability to effectively understand the network security situation. The information properties of the situation are generated by creating a set of spatial characteristics classification of network security knowledge, which is then used to analyze and optimize the processing of hybrid network security situation information using cloud computing technology and co-filtering technology. Knowledge and information about the security situation of a hybrid network has been analyzed using cloud computing strategy. The simulation results show that a cyber security crash occurs in window 20, after which the protection index drops to window 500. The increase in the security index of 500 windows is consistent with the effectiveness of the concept of this document method, indicating that this document method can sense changes in the network security situation. Starting from the first attacked window, the defense index began to decrease. In order to simulate the added network defense, the network security events in the 295th time window were reduced in the original data, and the defense index increased significantly in the corresponding time period, which is consistent with the method perception results, which further verifies the effectiveness and reliability of this method on the network security event perception. This method provides high-precision knowledge of network security situations and improves the security and stability of cloud-based networks.

Fenglian Cao,Lihong Zhang,Darshana A. Naik,José Luis Arias Gonzáles,Neha Verma,Amit Jain,Rituraj Jain,Ashutosh Sharma

DOI: https://doi.org/10.1155/2022/4767725

2022-09-16

Scientific Programming

Abstract:To investigate the use of cloud computing technologies in safe computer storage, firstly, it is proposed to complete the central control function by building a cloud computing data center, collect multiple platforms and network safety technologies, and then connect computers in unlike sites to confirm computer information security. Then, based on the implementation advantages of cloud computing technique in computer network safe storage, specific applications are analyzed. Finally, a cloud computing secure modeling and analysis idea based on multiqueue and multiserver is proposed. The proposed cloud security approach ensures that both data and applications are easily accessible to authorized users. One always has a consistent way to access your cloud data and applications, allowing you to address any potential security issues as soon as they arise. It has greatly improved computer security storage convenience while also greatly improving computer network storage security. After verification, with the cloud computing technology platform to carry out relevant businesses at any time, the operation effectiveness has been meaningfully enhanced by 80%. At the same time, it promotes the construction of information sharing and gives full performance to the benefits of hardware, accelerates the process of resource integration, and provides information support for the formulation of enterprise strategic plans. Combined with the actual situation, the current study discusses the development and application direction of cloud computing, so as to add new impetus to the economic growth of enterprises.

computer science, software engineering

Masoumeh Zareapoor,Pourya Shamsolmoali,M. Afshar Alam

DOI: https://doi.org/10.1504/ijcse.2018.10012837

2018-01-01

International Journal of Computational Science and Engineering

Abstract:Distributed denial of service (DDoS) attacks have become a serious attack on internet security and cloud computing. This kind of attacks is the most complex form of denial of service (DoS) attacks. This type of attack can simply duplicate its source address, such as spoofing attack, which disguises the real location of the attack. Therefore, DDoS attack is the most significant challenge for network security. In this paper, we present a model to detect and mitigate DDoS attacks in cloud computing. The proposed model requires very small storage and has the ability of fast detection. The experimental results show that the system is able to mitigate most of the attacks. Detection accuracy and processing time were the metrics used to evaluate the performance of proposed model. From the results, it is evident that the system achieved high detection accuracy (97%) with some minor false alarms.

Upakar Bhatta

2024-05-20

Abstract:The combination of cloud technology, machine learning, and data visualization techniques allows hybrid enterprise networks to hold massive volumes of data and provide employees and customers easy access to these cloud data. These massive collections of complex data sets are facing security challenges. While cloud platforms are more vulnerable to security threats and traditional security technologies are unable to cope with the rapid data explosion in cloud platforms, machine learning powered security solutions and data visualization techniques are playing instrumental roles in detecting security threat, data breaches, and automatic finding software vulnerabilities. The purpose of this paper is to present some of the widely used cloud services, machine learning techniques and data visualization approach and demonstrate how to integrate cloud service, data analytic and machine learning techniques that can be used to detect and reduce cyber risks associated with the modern cloud based infrastructure. In this paper I applied the machine learning supervised classifier to design a model based on well-known UNSW-NB15 dataset to predict the network behavior metrics and demonstrated how data analytics techniques can be integrated to visualize network traffics.

Machine Learning,Computational Engineering, Finance, and Science

Pengfei Dai,Chaokun Wang,Zhiwei Yu,Yongsheng Yue,Jianmin Wang

DOI: https://doi.org/10.1007/978-3-642-29253-8_23

2012-01-01

Abstract:Cloud Computing has emerged as a resource sharing platform, which allows different service providers to deliver software as services. However, for many security sensitive applications such as critical data processing and e-business, we must provide necessary security protection for mitigating the threats in the shared open cloud infrastructures. In this paper, we propose a software watermark enhanced platform to assure that only the software with authorized watermark is allowed to run on the platform. Experimental results show that our architecture could provide a great protection with a small overhead.

Lili Gao,Xiaopeng Deng,Weimin Yang

DOI: https://doi.org/10.1007/s00521-021-05733-0

2021-01-27

Neural Computing and Applications

Abstract:The most important problems that occur during the extraction of knowledge from data streams are related to the properties characterizing "BigData," namely high speed of information flow (velocity), variety of used forms, variability of data and diversity of information accuracy diagnosis methods (veracity). The use of online or sequential learning methods offers a specialized solution for solving real-time data processing problems. Data are provided without a clear knowledge of their particular inherent characteristics. Conventional approaches focus on applying heuristic or logical analysis rules. They fail to effectively handle new patterns (produced as a function of time) and to consider the dynamic change rate of their characteristics. In most cases, these methods approximate, by creating general rather than clear imprints of knowledge, which is hidden in the flows. Moreover, their function requires significant computational resources. This paper introduces (to the best of our knowledge, for the first time in the literature) the implementation of a specialized online reservoir computing architecture for smart city infrastructure protection which has low requirements in computing resources; it is efficient and suitable for real-time data flow analysis. More specifically, it describes the development of an echo state network, comprised of analog neurons with sparse random connections at the input levels and at the dynamical reservoir. Its training at the output level is performed with the recursive least square method. A complex data set was selected for the testing of the proposed model, which fully simulates the digital attacks that can be faced by the mechatronic equipment used in smart water supply networks located in the front end of the smart cities.

computer science, artificial intelligence

Wei-Fa Liao,Hung-Min Sun,Wei Wu

DOI: https://doi.org/10.1109/dasc-picom-datacom-cyberscitec.2016.159

2016-01-01

Abstract:In recent years, Cloud computing has become increasingly popular. Many companies have replaced traditional hosting to cloud hosting. Cloud providers are responsible for tenant isolation, if a tenant (virtual machine) is infected, other tenants will be affected. Because the virtual network environment is very complex, the traditional intrusion detection systems can only detect attacks from external networks, but can not effectively detect the internal traffic (virtual network). In order to full defend from a threat, we need to redesign the architecture of the intrusion detection system. In this thesis, we propose a flexible distributed architecture for intrusion detection, and uses software-defined networking technology for defensive purposes. In addition, our system collects alerts from different nodes, and analyzes their correlation to generate security rules to achieve the effect of a joint defense. To make the administrator more effective in management purposes, we also provide a web-based management center to reduce the burden on administrators. Finally, we analyze the performance of the proposed system with an original system. The results show that our system adds slightly overhead, and it can effectively block the malicious flow.

Jingyu Xing,Zheng Zhang

DOI: https://doi.org/10.1155/2022/6783223

IF: 1.968

2022-03-23

Security and Communication Networks

Abstract:This paper presents an in-depth study and analysis of hierarchical network security measurement and optimal active defense in the cloud computing environment. All the cloud platform security-related data collected through cloud platform monitoring is collected, and then the relevant security data is summarized and analyzed, so that the specific security posture index of the cloud platform can be derived, thus providing a reference for cloud platform managers to judge the security risks of the cloud platform. It provides a reference for cloud platform managers to judge the security risks of cloud platforms. Through the cloud platform security situation awareness system, we mainly study the construction of cloud platform, the construction of security situation awareness system, and the calculation of security situation value and use, thus greatly improving the stability, security, and reliability of the cloud platform. The application of the method avoids the drawbacks of traditional network security management, which relies entirely on past data and cannot sense changes in the security state of the system in real time. At the same time, the predicted results are added to the input of the fuzzy decision-making system, improving the accuracy of the assessment. The method improves the real-time and effectiveness of network security posture prediction, increases the convergence speed and prediction accuracy of the algorithm, and avoids the occurrence of overfitting. Simulation experiments based on the internet network security posture dataset show that this research method has less prediction error than the traditional machine learning methods and other deep learning methods, has higher learning efficiency, and is more rapid, accurate, and effective in predicting the trend of network security posture in the big data environment in the future period.

computer science, information systems,telecommunications