Taxonomy of Security Attacks and Risk Assessment of Cloud Computing

Cloud Computing is an international collection of hardware and software from thousands of computer network. It permits digital information to be shared and distributed at very less cost and very fast to use. Cloud is attacked by viruses, worms, hackers, and cybercrimes. Attackers try to steal confidential information, interrupt services, and cause damage to the enterprise cloud computing network. The survey focuses on various attacks on cloud security and their countermeasures. Existing taxonomies have been widely documented in the literature. They provide a systematic way of understanding, identifying, and addressing security risks. This paper presents taxonomy of cloud security attacks and potential risk assessment with the aim of providing an in depth understanding of security requirements in the cloud environment. A review revealed that previous papers have not accounted for all the aspects of risk assessment and security attacks. The risk elements which are not dealt elaborately in other works are also identified, classified, quantified, and prioritized. This paper provides an overview of conceptual cloud attack and risk assessment taxonomy.

[1]  William R. Claycomb,et al.  Insider Threats to Cloud Computing: Directions for New Research Challenges , 2012, 2012 IEEE 36th Annual Computer Software and Applications Conference.

[2]  Vern Paxson,et al.  Outside the Closed World: On Using Machine Learning for Network Intrusion Detection , 2010, 2010 IEEE Symposium on Security and Privacy.

[3]  Kim-Kwang Raymond Choo,et al.  On cloud security attacks: A taxonomy and intrusion detection and prevention as a service , 2016, J. Netw. Comput. Appl..

[4]  Kim-Kwang Raymond Choo,et al.  Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework , 2016, J. Netw. Comput. Appl..

[5]  Ram Kumar Singh,et al.  Security and Privacy Concerns in Cloud Computing , 2012 .

[6]  Carla Merkle Westphall,et al.  Intrusion Detection for Grid and Cloud Computing , 2010, IT Professional.

[7]  Ainuddin Wahid Abdul Wahab,et al.  SIDNFF: Source identification network forensics framework for cloud computing , 2015, 2015 IEEE International Conference on Consumer Electronics - Taiwan.

[8]  Abdelwahab Hamou-Lhadj,et al.  A host-based anomaly detection approach by representing system calls as states of kernel modules , 2013, 2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE).

[9]  Kim-Kwang Raymond Choo,et al.  A Taxonomy of Cloud Attack Consequences and Mitigation Strategies: The Role of Access Control and Privileged Access Management , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[10]  Aman Bakshi,et al.  Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine , 2010, 2010 Second International Conference on Communication Software and Networks.

[11]  Kim-Kwang Raymond Choo,et al.  CATRA: Conceptual cloud attack taxonomy and risk assessment framework , 2015, The Cloud Security Ecosystem.

[12]  Liu Shufen,et al.  Security Threats And Security Policy In Wireless Sensor Networks , 2012 .

[13]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[14]  Salim Hariri,et al.  An efficient network intrusion detection method based on information theory and genetic algorithm , 2005, PCCC 2005. 24th IEEE International Performance, Computing, and Communications Conference, 2005..

[15]  Ainuddin Wahid Abdul Wahab,et al.  Cloud Log Forensics , 2016, ACM Comput. Surv..

[16]  Qishi Wu,et al.  AVOIDIT: A Cyber Attack Taxonomy , 2009 .

[17]  C. Peake,et al.  Security in the cloud: Understanding the risks of cloud-as-a-service , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[18]  Junho Choi,et al.  Ontology Based APT Attack Behavior Analysis in Cloud Computing , 2015, 2015 10th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA).

[19]  Kim-Kwang Raymond Choo,et al.  Cloud Attack and Risk Assessment Taxonomy , 2015, IEEE Cloud Computing.

[20]  Chia-Mei Chen,et al.  State-based attack detection for cloud , 2013, 2013 International Symposium on Next-Generation Electronics.

[21]  Ray Hunt,et al.  A taxonomy of network and computer attacks , 2005, Comput. Secur..

[22]  Ainuddin Wahid Abdul Wahab,et al.  Network forensics: Review, taxonomy, and open challenges , 2016, J. Netw. Comput. Appl..

[23]  Prachi Deshpande,et al.  Security threats in cloud computing , 2015, International Conference on Computing, Communication & Automation.

[24]  Barrie Sosinsky,et al.  Cloud Computing Bible , 2010 .

[25]  Pradnyesh Rane Securing SaaS Applications: A Cloud Security Perspective for Application Providers , 2011 .

[26]  Alessio Merlo,et al.  Anomaly Detection in Computer Networks: A State-of-the-Art Review , 2014, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl..

[27]  Sateesh K. Peddoju,et al.  Implementation of a Private Cloud: A Case Study , 2013, SocProS.

[28]  Muttukrishnan Rajarajan,et al.  A survey on security issues and solutions at different layers of Cloud computing , 2013, The Journal of Supercomputing.

[29]  Zafar Iqbal,et al.  Classification of cyber attacks based on rough set theory , 2015, 2015 First International Conference on Anti-Cybercrime (ICACC).

[30]  Jörg Schwenk,et al.  On Technical Security Issues in Cloud Computing , 2009, 2009 IEEE International Conference on Cloud Computing.

[31]  Asma A. Shaikh Attacks on cloud computing and its countermeasures , 2016, 2016 International Conference on Signal Processing, Communication, Power and Embedded System (SCOPES).

[32]  Akhil Behl Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation , 2011, 2011 World Congress on Information and Communication Technologies.

[33]  Harjinder Kaur,et al.  Host based Anomaly Detection using Fuzzy Genetic Approach (FGA) , 2013 .

[34]  Jill Slay,et al.  A new approach to developing attack taxonomies for network security - including case studies , 2011, 2011 17th IEEE International Conference on Networks.

[35]  Nils Gruschka,et al.  Attack Surfaces: A Taxonomy for Attacks on Cloud Services , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[36]  A. B. M. Shawkat Ali,et al.  A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing , 2012, Future Gener. Comput. Syst..

[37]  Kim-Kwang Raymond Choo,et al.  A survey of information security incident handling in the cloud , 2015, Comput. Secur..