Monitoring Insiders Activities in Cloud Computing Using Rule Based Learning

One of the essential but formidable tasks in cloud computing is to detect malicious attacks and their types. A cloud provider's constraints or inability in monitoring its employees, and its lack of transparency, may make the detection process even harder. We found that these insiders' activities form a pattern in the monitoring systems similar to that of some other cyber attacks, because they also use huge computer resources. In this paper we first provide a brief overview of the importance of monitoring insiders' activities through a literature survey on cloud computing security. Then, we observe some of the real-life insiders' activities that can be detected from the performance data in a hypervisor and its guest operating systems. Rule-based learning is successfully used for identification of these activities in this research. We further observe that some of these insiders' activities can on occasion turn into a malicious insider's attack, and thus need constant monitoring in the cloud environment.
