CLOUD MONITORING AND FORENSIC USING SECURITY METRICS

Presented By: Sandeep Saxena
Co-Author: Goutam Sanyal

Galgotias College of Engineering & Technology, Greater Noida, India

Contents
• INTRODUCTION
• ANALYSIS OF PREVIOUS RESEARCHES
• PROPOSED METHODOLOGY
• PROPOSED GENERIC MODEL FOR CLOUD MONITORING AND FORENSICS
• CONCLUSION AND FUTURE WORK
• REFERENCES

Introduction
Cloud computing is a new, emerging technology in the era of science. This immediately raises several important questions:
• Why do we use cloud computing?
• Is it real, or just another catchphrase?
• How does it affect us?

Cloud computing: the cloud paradigm enables convenient, on-demand network (cloud) access to a public pool of configurable computing resources (e.g. networks, services, storage and applications) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

2 types of cloud:

1. Public cloud
2. Private cloud

Figure 1: Public cloud (service provider) and private cloud (on-premises)

Analysis of Previous Research
Validation of security design is based on model and methodology approaches, for example NIST.

• The security model presents the telecommunication architecture as a combination of 3 layers:

a. Infrastructure level: the set of hardware and software components that provide telecommunication functionality.

b. Service level: billed customer traffic flows.

c. Application level: it motivates users to pay for the control layer services.

• Security issues: confidentiality, integrity, availability.

• To address these issues, we need to monitor the user's activity as a preventive measure that provides security to other users on the network.

• Monitoring and forensics are a major security concern, needed for taking appropriate action against intruders or attackers.

• Architectural services of cloud computing:

a) Software-as-a-Service (SaaS): Salesforce.com, Google Apps, etc.

b) Platform-as-a-Service (PaaS): Google App Engine

c) Infrastructure-as-a-Service (IaaS): Amazon Web Services

• According to Jennifer Bayuk: an IaaS service provides secure network and storage services, and SaaS provides a secure application service.

• According to D. Zissis and D. Lekkas: a trusted third party is implemented to provide strong authentication for financial transactions, authorization, data confidentiality and non-repudiation.

• According to Gary C. Kessler: find the root cause of forensics.

• According to M. Taylor: forensic experts install packet sniffers and monitoring tools on the targeted machine to collect information. In a private cloud this would be easy, but in a public cloud it will be more difficult.

Proposed Methodology
• Monitor consumer activity and save session log records.

• Find any malicious activity that matches a signature.

• The automated forensic system is activated to store all activities and data in metrics.

• Stop remote access, or access from outside the cloud services (at the same time, a message is sent to the consumer by phone and email).

• The administrator checks the security metrics and collects data, then sends it to a higher authority for legal processing.

Figure 2: Monitoring and Forensic Methodology

Proposed Generic Model for Cloud Computing and Forensics
• Here we propose a complete architecture for providing service to our consumers, including a secure monitoring and forensic system.

• Service level agreement (SLA): signed by the consumer.

• In our architecture, we use a host-based IDS to monitor incoming and outgoing network communication on the consumer system. The IDS includes both anomaly detection and misuse detection techniques for identifying activities on the host system.

• It includes 6 steps, which are shown in Figure 2.

Figure 3: Generic architecture for cloud monitoring and forensic
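
The flow of Figure 2, combined with the misuse and anomaly detection of the host-based IDS, can be sketched in code. This is an added example, not code from the presentation; the log format, signature patterns, read threshold and hash-chained evidence store are all assumptions made for illustration.

```python
import hashlib
import json
import re
from collections import Counter, defaultdict

# Constructed misuse signatures (assumptions for illustration, not from the slides).
SIGNATURES = {
    "path_traversal": re.compile(r"\.\./"),
    "audit_log_delete": re.compile(r"^DELETE /var/log/"),
}
MAX_READS_PER_SESSION = 3  # assumed anomaly threshold

# Constructed session log: timestamp consumer session action target
SAMPLE_LOG = """\
2024-01-01T10:00:00Z alice s1 LOGIN -
2024-01-01T10:00:05Z alice s1 READ /reports/q1.pdf
2024-01-01T10:01:00Z bob s2 LOGIN -
2024-01-01T10:01:02Z bob s2 READ /files/../../etc/passwd
2024-01-01T10:01:03Z bob s2 READ /reports/q2.pdf
2024-01-01T10:02:00Z carol s3 READ /a
2024-01-01T10:02:01Z carol s3 READ /b
2024-01-01T10:02:02Z carol s3 READ /c
2024-01-01T10:02:03Z carol s3 READ /d
"""

GENESIS = "0" * 64


def _digest(prev, record):
    """Hash of a record chained to the hash of the previous entry."""
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()


class ForensicStore:
    """Append-only audit trail; editing any stored entry breaks verify()."""

    def __init__(self):
        self.entries = []

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append(
            {"prev": prev, "record": record, "hash": _digest(prev, record)}
        )

    def verify(self):
        prev = GENESIS
        for entry in self.entries:
            if entry["prev"] != prev or entry["hash"] != _digest(prev, entry["record"]):
                return False
            prev = entry["hash"]
        return True


def parse(line):
    ts, consumer, session, action, target = line.split(" ", 4)
    return {"ts": ts, "consumer": consumer, "session": session,
            "action": action, "target": target}


def detect(event, reads):
    """Return the name of the rule that fires for this event, or None."""
    text = f'{event["action"]} {event["target"]}'
    for name, pattern in SIGNATURES.items():        # misuse detection
        if pattern.search(text):
            return name
    if event["action"] == "READ" and reads[event["session"]] > MAX_READS_PER_SESSION:
        return "read_rate_anomaly"                  # anomaly detection
    return None


def run_pipeline(log_text):
    store, metrics = ForensicStore(), Counter()
    history = defaultdict(list)    # saved session log records
    reads = Counter()
    blocked, notifications = set(), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = parse(line)
        metrics["events"] += 1
        sid = event["session"]
        if sid in blocked:         # access already stopped: deny and record
            metrics["denied"] += 1
            store.append({"type": "denied", **event})
            continue
        history[sid].append(event)
        if event["action"] == "READ":
            reads[sid] += 1
        rule = detect(event, reads)
        if rule is None:
            continue
        metrics[f"alert:{rule}"] += 1
        for past in history[sid]:  # preserve the whole session as evidence
            store.append({"type": "evidence", "rule": rule, **past})
        blocked.add(sid)           # stop access and queue a consumer notice
        notifications.append((event["consumer"], f"session {sid} suspended: {rule}"))
    return store, metrics, blocked, notifications
```

The administrator's review step corresponds to reading `metrics` and calling `store.verify()` before the evidence is handed on; a failed verification means the trail was altered after capture.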

Conclusion and Future Work
• We proposed a forensic methodology to assure the confidentiality of cloud users.

• Create a security matrix and audit trail for investigation.

• Establish a service level agreement (SLA) with the customer.

• In future, focus on a rule-based security matrix and the integrity of user's data.

References
[1] Cary Landis and Dan Blacharski, “Cloud Computing Made Easy”, Version 0.3.
[2] G. Stoneburner, “Underlying Technical Models for Information Technology Security”, National Institute of Standards and Technology, 2001.
[3] G. McGraw, Software Security, Addison-Wesley, 2006.
[4] Google App Engine, http://appengine.google.com
[5] Amazon Elastic Compute Cloud (EC2), http://www.amazon.com/ec2
[6] Gary C. Kessler, “Anti-Forensic and the Digital Investigator”, Champlain College, Burlington, VT, USA; Edith Cowan University, Mount Lawley, WA, Australia.
[7] CSA (Cloud Security Alliance), “Top Threats to Cloud Computing V1.0”, 2010.
[8] Shaftab Ahmad and M. Yahin Akhtar Raja, “Tackling Cloud Security Issues And Forensic Model”, IEEE, 2010.
[9] Jennifer Bayuk, “Cloud Security Metrics”, 6th International Conference on System of Systems Engineering, Albuquerque, New Mexico, USA, June 27-30, 2011 (IEEE).
[10] D. Zissis and D. Lekkas, “Addressing Cloud Computing Security Issues”, Future Generation Computer Systems (2011), Elsevier, doi:10.1016/j.future.2010.12.006
[11] M. Taylor, J. Haggerty, D. Gresty and R. Hegarty, “Digital evidence in cloud computing systems”, Computer Law and Security Review 26 (2010).

THANK YOU
