Sharing of attacks information across clouds for improving security: A conceptual framework

Cloud computing has recently emerged as a new paradigm for hosting and delivering services over the Internet. It is evolving as a key computing platform for sharing resources that include infrastructures, software, applications, and business processes. The cloud environment is required to have efficient security techniques as it contains precious assets such as data, users, technologies, resources and business transactions. Most of the proposed architectures for cloud computing implementations are for individual clouds which do not allow the sharing of attack information with other clouds and hence the other clouds are not able to safe themselves from the same attack. The aim of this research is to propose a conceptual framework for connected or federated clouds that can share information regarding attacks and attackers for securing themselves.

[1]  Wanlei Zhou,et al.  Cloud security defence to protect cloud computing against HTTP-DoS and XML-DoS attacks , 2011, J. Netw. Comput. Appl..

[2]  Martin Knahl,et al.  Validating Cloud Infrastructure Changes by Cloud Audits , 2012, 2012 IEEE Eighth World Congress on Services.

[3]  R. K. Bunkar,et al.  Data Security and Privacy Protection Issues in Cloud Computing , 2014 .

[4]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[5]  Asadullah Shah,et al.  A Security-Based Survey and Classification of Cloud Architectures, State of Art and Future Directions , 2013, 2013 International Conference on Advanced Computer Science Applications and Technologies.

[6]  V. T. Kamble,et al.  Ensuring Distributed Accountability for Data Sharing in the Cloud , 2014 .

[7]  N. Jeyanthi,et al.  An Enhanced Entropy Approach to Detect and Prevent DDoS in Cloud Environment , 2013, Int. J. Commun. Networks Inf. Secur..

[8]  Benny Rochwerger,et al.  A Monitoring and Audit Logging Architecture for Data Location Compliance in Federated Cloud Infrastructures , 2011, 2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum.

[9]  Rose F. Gamble,et al.  A Tiered Strategy for Auditing in the Cloud , 2012, 2012 IEEE Fifth International Conference on Cloud Computing.

[10]  Rusli Abdullah,et al.  Security framework of cloud data storage based on Multi Agent system architecture - A pilot study , 2012, 2012 International Conference on Information Retrieval & Knowledge Management.

[11]  Alina Madalina Lonea,et al.  Detecting DDoS Attacks in Cloud Computing Environment , 2012, Int. J. Comput. Commun. Control.

[12]  Sadie Creese,et al.  Insider Attacks in Cloud Computing , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[13]  Asadullah Shah,et al.  ReSA: Architecture for resources sharing between clouds , 2014, 2014 Conference on Information Assurance and Cyber Security (CIACS).

[14]  B. Joshi,et al.  Securing cloud computing environment against DDoS attacks , 2012, 2012 International Conference on Computer Communication and Informatics.

[15]  Zhidong Shen,et al.  The security of cloud computing system enabled by trusted computing technology , 2010, 2010 2nd International Conference on Signal Processing Systems.

[16]  A. Waqas,et al.  Fault tolerant cloud auditing , 2013, 2013 5th International Conference on Information and Communication Technology for the Muslim World (ICT4M).

[17]  P. Ramachandra Rao,et al.  Efficient Audit Service Outsourcing for Data Integrity in Clouds , 2013 .

[18]  K. Sankar,et al.  On-Demand Security Architecture for Cloud Computing , 2014 .

[19]  Jin Tong,et al.  NIST Cloud Computing Reference Architecture: Recommendations of the National Institute of Standards and Technology (Special Publication 500-292) , 2012 .

[20]  R. Chitra,et al.  Securing cloud from ddos attacks using intrusion detection system in virtual machine , 2013 .

[21]  Bu-Sung Lee,et al.  Tracking of Data Leaving the Cloud , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[22]  Irfan Gul,et al.  Distributed Cloud Intrusion Detection Model , 2011 .

[23]  Shui Yu,et al.  CBF: A Packet Filtering Method for DDoS Attack Defense in Cloud Environment , 2011, 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing.

[24]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .