On cloud security attacks: A taxonomy and intrusion detection and prevention as a service

Cloud computing is mainly provisioned through Software as a Service, Platform as a Service and Infrastructure as a Service. However, these service delivery models are vulnerable to a range of security attacks that exploit both cloud-specific and existing web service vulnerabilities. Taxonomies are a useful tool for system designers, as they provide a systematic way of understanding, identifying and addressing security risks. In this research work, cloud-based attacks and vulnerabilities are collected and classified with respect to their cloud models. We also present a taxonomy of cloud security attacks and potential mitigation strategies, with the aim of providing an in-depth understanding of security requirements in the cloud environment. We also highlight the importance of intrusion detection and prevention as a service.

Cloud Security Attacks Taxonomy. Cloud Intrusion Detection and Prevention as a Service. Intrusion detection in cloud computing service models. Need for in-depth advanced cloud protection systems.

[67]  Kim-Kwang Raymond Choo,et al.  Web application protection techniques: A taxonomy , 2016, J. Netw. Comput. Appl..

[68]  J. Zhan,et al.  Cloud Computing Security Case Studies and Research , 2013 .

[69]  Mohammad Zulkernine,et al.  A Server-Side Solution to Cache-Based Side-Channel Attacks in the Cloud , 2013, 2013 IEEE Sixth International Conference on Cloud Computing.

[70]  Saeed M. Alqahtani,et al.  An Intelligent Intrusion Prevention System for Cloud Computing (SIPSCC) , 2014, 2014 International Conference on Computational Science and Computational Intelligence.

[71]  Brajendra Panda,et al.  Malicious Modification Attacks by Insiders in Relational Databases: Prediction and Prevention , 2010, 2010 IEEE Second International Conference on Social Computing.

[72]  Benny Pinkas,et al.  Side Channels in Cloud Services: Deduplication in Cloud Storage , 2010, IEEE Security & Privacy.

[73]  Michael K. Reiter,et al.  HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis , 2011, 2011 IEEE Symposium on Security and Privacy.

[74]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[75]  Ralf Steinmetz,et al.  Detecting VM Live Migration using a Hybrid External Approach , 2013, CLOSER.

[76]  Mojtaba Alizadeh,et al.  Authentication in mobile cloud computing: A survey , 2016, J. Netw. Comput. Appl..

[77]  Kim-Kwang Raymond Choo,et al.  CATRA: Conceptual cloud attack taxonomy and risk assessment framework , 2015, The Cloud Security Ecosystem.

[78]  Srivaths Ravi,et al.  Aiding Side-Channel Attacks on Cryptographic Software With Satisfiability-Based Analysis , 2007, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[79]  Saman A. Zonouz,et al.  A cloud-based intrusion detection and response system for mobile phones , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[80]  Muttukrishnan Rajarajan,et al.  A survey on security issues and solutions at different layers of Cloud computing , 2013, The Journal of Supercomputing.

[81]  E. Anitha,et al.  A packet marking approach to protect cloud environment against DDoS attacks , 2013, 2013 International Conference on Information Communication and Embedded Systems (ICICES).

[82]  Yoshihiro Oyama,et al.  A Hypervisor for Injecting Scenario-Based Attack Effects , 2011, 2011 IEEE 35th Annual Computer Software and Applications Conference.

[83]  Elaine Shi,et al.  ObliviStore: High Performance Oblivious Cloud Storage , 2013, 2013 IEEE Symposium on Security and Privacy.

[84]  Roberto Bifulco,et al.  Integrating a network IDS into an open source Cloud Computing environment , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[85]  Wenjuan Li,et al.  Design of Cloud-Based Parallel Exclusive Signature Matching Model in Intrusion Detection , 2013, 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing.

[86]  Ashish G. Revar,et al.  Securing user authentication using single sign-on in Cloud Computing , 2011, 2011 Nirma University International Conference on Engineering.

[87]  Ainuddin Wahid Abdul Wahab,et al.  A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing , 2014, TheScientificWorldJournal.

[88]  Rajkumar Buyya,et al.  A survey on vehicular cloud computing , 2014, J. Netw. Comput. Appl..

[89]  Ralph Deters,et al.  SaaS Authentication Middleware for Mobile Consumers of IaaS Cloud , 2013, 2013 IEEE Ninth World Congress on Services.

[90]  Shui Yu,et al.  CBF: A Packet Filtering Method for DDoS Attack Defense in Cloud Environment , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[91]  Mohamed Hamdi Security of cloud computing, storage, and networking , 2012, 2012 International Conference on Collaboration Technologies and Systems (CTS).

[92]  Shuai Ding,et al.  LARX: Large-Scale Anti-Phishing by Retrospective Data-Exploring Based on a Cloud Computing Platform , 2011, 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN).

[93]  S. S. Chapade,et al.  Securing Cloud Servers Against Flooding Based DDOS Attacks , 2013, 2013 International Conference on Communication Systems and Network Technologies.

[94]  Karen A. Scarfone,et al.  Guide to Security for Full Virtualization Technologies , 2011 .

[95]  Xiaogang Wang,et al.  The Research and Design of Intelligent IPS Model Based on Dynamic Cloud Firewall Linkage , 2011 .

[96]  Dake He,et al.  Model Checking for the Defense against Cross-Site Scripting Attacks , 2012, 2012 International Conference on Computer Science and Service System.

[97]  Ainuddin Wahid Abdul Wahab,et al.  Network forensics: Review, taxonomy, and open challenges , 2016, J. Netw. Comput. Appl..

[98]  Ragib Hasan,et al.  Cloud Based Content Fetching: Using Cloud Infrastructure to Obfuscate Phishing Scam Analysis , 2012, 2012 IEEE Eighth World Congress on Services.

[99]  Gnanasekaran Aghila,et al.  A Filter Tree Approach to Protect Cloud Computing against XML DDoS and HTTP DDoS Attack , 2012, ISI.

[100]  Thomas Gross,et al.  Defense-in-Depth Against Malicious Insiders in the Cloud , 2013, 2013 IEEE International Conference on Cloud Engineering (IC2E).

[101]  Rajiv Ranjan,et al.  Trustworthy Processing of Healthcare Big Data in Hybrid Clouds , 2015, IEEE Cloud Computing.

[102]  Muhammad Shiraz,et al.  A review on interworking and mobility techniques for seamless connectivity in mobile cloud computing , 2014, J. Netw. Comput. Appl..

[103]  Zhi Wang,et al.  HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity , 2010, 2010 IEEE Symposium on Security and Privacy.

[104]  Ben Laurie Network Forensics , 2004, ACM Queue.

[105]  Gail-Joon Ahn,et al.  Security and Privacy Challenges in Cloud Computing Environments , 2010, IEEE Security & Privacy.

[106]  R. Chitra,et al.  Securing cloud from ddos attacks using intrusion detection system in virtual machine , 2013 .

[107]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[108]  Hai Jin,et al.  Anonymous Password Authentication Scheme by Using Digital Signature and Fingerprint in Cloud Computing , 2012, 2012 Second International Conference on Cloud and Green Computing.

[109]  Ajith Abraham,et al.  A fingerprinting system calls approach for intrusion detection in a cloud environment , 2012, 2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN).

[110]  M. Sasikumar,et al.  Trust Model for Measuring Security Strength of Cloud Computing Service , 2015 .

[111]  Mohamed Cheriet,et al.  Taxonomy of Distributed Denial of Service mitigation approaches for cloud computing , 2015, J. Netw. Comput. Appl..

[112]  Haibo Chen,et al.  PALM: Security Preserving VM Live Migration for Systems with VMM-enforced Protection , 2008, 2008 Third Asia-Pacific Trusted Infrastructure Technologies Conference.

[113]  Ainuddin Wahid Abdul Wahab,et al.  SIDNFF: Source identification network forensics framework for cloud computing , 2015, 2015 IEEE International Conference on Consumer Electronics - Taiwan.

[114]  Zhendong Su,et al.  Bezoar: Automated virtual machine-based full-system recovery from control-flow hijacking attacks , 2008, NOMS 2008 - 2008 IEEE Network Operations and Management Symposium.

[115]  Ueman Oktay,et al.  Proxy Network Intrusion Detection System for cloud computing , 2013, 2013 The International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE).

[116]  Sugata Sanyal,et al.  A Survey on Security Issues in Cloud Computing , 2011, 1109.5388.

[117]  Zair Abdelouahab,et al.  Virtualization in Intrusion Detection Systems: A Study on Different Approaches for Cloud Computing Environments , 2012 .

[118]  Taiwo Ayodele,et al.  Cloud based emails boundaries and vulnerabilities , 2013, 2013 Science and Information Conference.

[119]  Han Qi,et al.  Sierpinski triangle based data center architecture in cloud computing , 2014, The Journal of Supercomputing.

[120]  Matthew O. Adigun,et al.  Insider threat detection model for the cloud , 2013, 2013 Information Security for South Africa.

[121]  J. Reuben,et al.  A Survey on Virtual Machine Security , 2007 .

[122]  Pradeep Kumar Tiwari,et al.  Security Issues and Solutions in Cloud Computing , 2017 .

[123]  Xin Jiang,et al.  Cloud computing-based forensic analysis for collaborative network security management system , 2013 .

[124]  Rachna Dhamija,et al.  The Seven Flaws of Identity Management: Usability and Security Challenges , 2008, IEEE Security & Privacy.

[125]  Hatem Hamad,et al.  Managing Intrusion Detection as a Service in Cloud Networks , 2012 .

[126]  Srinath Perera,et al.  Multi-tenant SOA Middleware for Cloud Computing , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[127]  Sadie Creese,et al.  Insider Attacks in Cloud Computing , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[128]  V. K. Agrawal,et al.  Multi-level authentication technique for accessing cloud services , 2012, 2012 International Conference on Computing, Communication and Applications.

[129]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[130]  Eric Pardede,et al.  MCDB: Using Multi-clouds to Ensure Security in Cloud Computing , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[131]  Ryan Shea,et al.  Understanding the impact of Denial of Service attacks on Virtual Machines , 2012, 2012 IEEE 20th International Workshop on Quality of Service.

[132]  Zhifeng Xiao,et al.  Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.

[133]  Tao Zhang,et al.  Defense of DDoS attack for cloud computing , 2012, 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE).

[134]  Nick Feamster,et al.  SilverLine: Data and Network Isolation for Cloud Services , 2011, HotCloud.

[135]  Rajkumar Buyya,et al.  Interconnected Cloud Computing Environments , 2014, ACM Comput. Surv..

[136]  Yong Wang,et al.  Hypervisor-based cloud intrusion detection system , 2014, 2014 International Conference on Computing, Networking and Communications (ICNC).