This document presents a methodology for cloud monitoring and forensics using security metrics. It discusses previous research on cloud security issues and architectural services. The proposed methodology monitors consumer activity, detects malicious activity using signatures, and activates an automated forensic system to store activity metrics. When malicious activity is detected, remote access is stopped and administrators are notified to collect data for legal processing. A generic architecture is proposed that uses host-based intrusion detection for monitoring network communications and a six-step process for cloud monitoring and forensics.
Developed security and privacy algorithms for cyber physical system IJECEIAES
Cyber-physical system (CPS) is a modern technology in the cyber world, and it integrates with wireless sensor network (WSN). This system is widely used in many applications such as a smart city, greenhouse, healthcare, and power grid. Therefore, the data security and integrity are necessary to ensure the highest level of protection and performance for such systems. In this paper, two sides security system for cyber-physical level is proposed to obtain security, privacy, and integrity. The first side is applied the secure sockets layer (SSL)/transport layer security (TLS) encryption protocol with the internet of things (IoT) based message queuing telemetry transport (MQTT) protocol to secure the connection and encrypt the data exchange between the system's parties. The second side proposes an algorithm to detect and prevent a denial of service (DoS) attack (hypertext transfer protocol (HTTP) post request) on a Web server. The experiment results show the superior performance of the proposed method to secure the CPS by detecting and preventing the cyber-attacks, which infect the Web servers. They also prove the implementation of security, privacy and integrity aspects on the CPS.
[CB21] Keynote1: Shaking the Cybersecurity Kaleidoscope – An Immersive Look in... CODE BLUE
Over 10,000 new cybersecurity technologies are developed each year yet we do not see a correlating decrease in cybersecurity threats. This is because cybersecurity isn’t a mere computer science problem. The most vulnerable part in the security chain is humans. But humans are also a valuable asset in countering cybersecurity threats. A kaleidoscope is a constantly changing pattern or sequence of elements. In cyber we need to shake the kaleidoscope to create new ways of both identifying and solving problems.
This presentation will be somewhat unorthodox. Maurushat will weave a story through the thread of human behaviour and cybersecurity with the primary objective of making sense out of chaos. What do Mars Bars, Perestroika, Carrots, Transylvania, Robin Hood, Talin, Majong, Anti-Vaccination, the Mayor of Montreal, Tails and Pineapples have to do with cybersecurity?
In her presentation, Professor Maurushat encapsulates key human behaviour issues in cybersecurity based on 17 years of experience and research in ethical hacking, vulnerability markets, cybercrime investigations and cybersecurity policy consultation with governments and intelligence agencies.
There are no easy answers to cybersecurity challenges. However, this presentation will stimulate thinking about how to use the power of human behaviour to improve cybersecurity through emerging fields of behaviour data engineering, artificial intelligence, behavioural economics and neuro-diversity as evolution.
Security Issues and Challenges in Internet of Things – A Review IJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an IP address for web availability, and the correspondence that happens between these items and other Web empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straightforwardly identified with the wide utilization of its framework. IoT securities and enhancing the design and several elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues under the advancements included. Here we are going to do a study of all the security issues existing in the Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over access of individual data relating to gadget and individual protection. This review tells about the security and protection issues of IoT.
The project title for this task force is “Cyber Security Maturity Model for Organizations”. Some of the key things that you are going to learn from this presentation are:
The user organizations will learn how to easily adapt a cyber security maturity assessment model based on the widely accepted frameworks such as NIST CSF and ISO27001:2013
The readers will learn about the core information security domains and how to plan for security activities around those core domains
The readers will learn how to prioritize the security budget and draw out the security control implementation roadmap for their organization
The readers will learn to apply a risk informed approach to information security for their organizations which can be used to educate about and sell security to their CEOs and board members.
Reference Security Architecture for Mobility - Insurance Priyanka Aash
The project title for this task force is “Reference security architecture for Mobility”. Some of the key things that you are going to learn from this presentation are:
The reader will learn about the current aspects of mobility, its use cases, control measures and common architectural components
The document highlights the current generic mobility models, business drivers and challenges that enterprise mobility solutions face
The document also lists out some sample example implementations for better understanding of the concepts presented to the reader
The readers will also learn to create a mobility security architecture framework to successfully build Enterprise Mobility Management program for their organization
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud Tom Janetscheck
With the release of Azure Sentinel, Microsoft has shifted some features from Azure Security Center to their new threat hunting solution. But how do all the security tools Microsoft offers nowadays integrate with each other? How can you find a way through this security jungle? And how do you make sure to have the right tools in place when it comes to protecting your IT environments and hunting threats?
Join cloud security expert and Microsoft MVP Tom Janetscheck for this demo-rich session to get all these questions answered and to learn how to protect your resources easily and efficiently.
A Novel Security Approach for Communication using IOT IJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
IoT Cyber Security & Vulnerabilities Challenges and Opportunities in Security of Internet of Things
Security is the Key
Inherent Security Challenges
Threat Spectrum – Trends
Securing the “Things”
IoT Cybersecurity – Security Triad
Threat Model
Availability threats
Integrity threats
Authenticity threats
Confidentiality threats
Non-repudiation/accountability threats
The session will highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
IoT security and privacy: main challenges and how ISOC-OTA address them Radouane Mrabet
Internet Society (ISOC) aims are:
make security an integrated function of connected objects and encourage IoT device and service providers for consumers to adopt the Online Trust Alliance (OTA) security and privacy principles;
increase the consumer demand for security and privacy in the IoT devices they purchase;
create government policies and regulations that promote better security and privacy features in IoT devices.
A Collaborative Intrusion Detection System for Cloud Computing ijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages, like the utility computing model, the design is not flawless and hence not only suffers from many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks due to its inherent design paradigm. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
First line of defense for cybersecurity : AI Ahmed Banafa
The year 2017 wasn't a great year for cyber-security; we saw a large number of high-profile cyber attacks; including Uber, Deloitte, Equifax and the now infamous WannaCry ransomware attack, and 2018 started with a bang too with the hacking of Winter Olympics.
The frightening truth about increasing cyber-attacks is that most businesses and the cybersecurity industry itself are not prepared. Despite the constant flow of security updates and patches, the number of attacks continues to rise.
Practical risk management for the multi cloud Ulf Mattsson
This session will take a practical approach to IT risk management and discuss multi cloud, Verizon Data Breach Investigations Report (DBIR) and how Enterprises are losing ground in the fight against persistent cyber-attacks. We simply cannot catch the bad guys until it is too late. This picture is not improving. Verizon reports concluded that less than 14% of breaches are detected by internal monitoring tools.
We will review the JP Morgan Chase data breach where hackers were in the bank’s network for months undetected. Network configuration errors are inevitable, even at the largest banks such as Capital One, which recently had a data breach where a hacker gained access to 100 million credit card applications and accounts.
Viewers will also learn about:
- Macro trends in Cloud security and Micro trends in Cloud security
- Risks from Quantum Computing and when we should move to alternate forms of encryption
- Review “Kill Chains” from Lockheed Martin in relation to APT and DDoS Attacks
- Risk Management methods from ISACA and other organizations
Speaker: Ulf Mattsson, Head of Innovation, TokenEx
A Study and Comparative analysis of Conditional Random Fields for Intrusion d... IJORCS
Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. Intrusion detection plays one of the key roles in computer security techniques and is one of the prime areas of research. Due to complex and dynamic nature of computer networks and hacking techniques, detecting malicious activities remains a challenging task for security experts, that is, currently available defense systems suffer from low detection capability and high number of false alarms. An intrusion detection system must reliably detect malicious activities in a network and must perform efficiently to cope with the large amount of network traffic. In this paper we study the Machine Learning and data mining techniques to solve Intrusion Detection problems within computer networks and compare the various approaches with conditional random fields and address these two issues of Accuracy and Efficiency using Conditional Random Fields and Layered Approach.
NIST Cloud Computing Forum and Workshop VIII
July 2015
Cloud Computing Forensic Science
Posted as a courtesy by:
Dave Sweigert
CISA CISSP HCISPP PMP SEC+
Memory forensics using VMI for cloud computing Priyanka Aash
The relocation of systems and services into cloud environments is on the rise. Because of this trend users lose direct control over their machines and depend on the offered services from cloud providers. These services are especially in the field of digital forensics very rudimentary. The possibilities for users to analyze their virtual machines with forensic methods are very limited. In the underlying research of this talk a practical approach has been developed that gives the user additional capabilities in the field of forensic investigations. The solution focuses on a memory forensic service offering. To reach this goal, a management solution for cloud environments has been extended with memory forensic services. Self-developed memory forensic services, which are installed on each cloud node and are managed through the cloud management component, are the basis for this solution. Forensic data is gained via virtual machine introspection techniques. Compared to other approaches it is possible to get trustworthy data without influencing the running system. Additionally, a general overview about the underlying technologies is provided and the pros and cons are discussed. The solution approach is discussed in a generic way and practically implemented in a prototype. In this prototype OpenNebula is used for managing the cloud infrastructure in combination with Xen as virtualization component, LibVMI as Virtual Machine Introspection library and Volatility as forensic tool.
(Source: Black Hat USA 2016, Las Vegas)
Performance Analysis of Mobile Security Protocols: Encryption and Authenticat... CSCJournals
Due to extremely high demand of mobile phones among people, over the years there has been a great demand for the support of various applications and security services. 2G and 3G provide two levels of security through: encryption and authentication. This paper presents performance analysis and comparison between the algorithms in terms of time complexity. The parameters considered for comparison are processing power and input size. Security features may have adverse effect on quality of services offered to the end users and the system capacity. The computational cost overhead that the security protocols and algorithms impose on lightweight end users devices is analyzed. The results of analysis reveal the effect of authentication and encryption algorithms of 2G and 3G on system performance defined in terms of throughput which will further help in quantifying the overhead caused due to security.
"Looking for Information Vacuums" - Social Media and Countering Disinformation. Presented at the NATO STRATCOM Conference, Split, Croatia, 07 October 2014.
In this presentation, Sowmya presents an interesting application that finds malware/viruses in mobile platforms through the use of data mining techniques
Did you know that mobile security breaches have affected more than two-thirds of global organizations in the last 12 months? This presentation helps you assess where you stand, explains the different security threats that are out there, and argues for why you should be using Security by Design for all your mobile apps.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
For cloud computing to be adopted by users and enterprises, the security concerns of users should be rectified by making the cloud environment trustworthy, as discussed by Latif et al. in the assessment of cloud computing risks [2].
We address the questions related to:
(1) security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users' safety in convergence with energy consumption.
Mobile forensics is a branch of digital forensics. Simply, it is a science of recovering different kinds of evidence from mobile phones. It helps investigators significantly to reach to the criminal.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Insuring Security for Outsourced Data Stored in Cloud Environment Editor IJCATR
The cloud storage offers users infrastructure flexibility, faster deployment of applications and data, cost control, adaptation of cloud resources to real needs, improved productivity, etc. In spite of these advantageous factors, several deterrents to the widespread adoption of cloud computing remain. Among them, security towards the correctness of the outsourced data and issues of privacy play a major role. In order to avoid security risk for the outsourced data, we propose dynamic audit services that enable integrity verification of untrusted and outsourced storage. An interactive proof system (IPS) with the zero knowledge property is introduced to provide public auditability without downloading raw data and to protect privacy of the data. In the proposed system, the data owner stores a large amount of data in the cloud after encrypting the data with a private key and also sends the public key to a third party auditor (TPA) for auditing purposes. TPA in clouds and it’s maintained by CSP. An Authorized Application (AA) holds the data owner's secret key (sk), manipulates the outsourced data and updates the associated IHT stored in the TPA. Finally, Cloud users access the services through the AA. Our system also provides secure auditing while the data owner is outsourcing the data to the cloud. After performing auditing operations, security solutions are enhanced for the purpose of detecting malicious users with the help of a Certificate Authority.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal... IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated infrastructure complexity. The proposed model controls risks in Cloud Computing like Insecure Application Programming Interfaces, Malicious Insiders, Data Loss or Leakage, Shared Technology Vulnerabilities, Account, Service and Traffic Hijacking, and Unknown Risk Profile.
Cloud data security and various cryptographic algorithms IJECEIAES
Cloud computing has spread widely among different organizations due to its advantages, such as cost reduction, resource pooling, broad network access, and ease of administration. It increases the abilities of physical resources by optimizing shared use. Clients’ valuable items (data and applications) are moved outside of regulatory supervision in a shared environment where many clients are grouped together. However, this process poses security concerns, such as sensitive information theft and personally identifiable data leakage. Many researchers have contributed to reducing the problem of data security in cloud computing by developing a variety of technologies to secure cloud data, including encryption. In this study, a set of encryption algorithms (advance encryption standard (AES), data encryption standard (DES), Blowfish, Rivest-Shamir-Adleman (RSA) encryption, and international data encryption algorithm (IDEA)) was compared in terms of security, data encipherment capacity, memory usage, and encipherment time to determine the optimal algorithm for securing cloud information from hackers. Results show that RSA and IDEA are less secure than AES, Blowfish, and DES. The AES algorithm encrypts a huge amount of data, takes the least encipherment time, and is faster than other algorithms, and the Blowfish algorithm requires the least amount of memory space.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
The paradigm called “Cloud computing” acts as a mechanism for attaining the resources of shared technology and infrastructure cost-effectively. The on-demand services are accomplished to execute the various operations across the network. Regularly, the last client doesn't know about the area of open physical assets and devices. Developing, using, and dealing with their applications 'on the cloud', which includes virtualization of assets that keeps and guides itself are led by arranged activities to clients. Calculation experience the new methodology of cloud computing which perhaps keeps the world and can set up all the human necessities. At the end of the day, cloud computing is the ensuing normal step in the development of on-request data innovation administrations and items. The Cloud is an allegory for the Internet and is an idea for the secured confused foundation; it likewise relies upon drawing network graphs on a computer. In this work, thorough investigations of distributed computing security and protection concerns are given. The work distinguishes both the identified and unidentified attacks, vulnerabilities in the cloud, security attacks and also the solutions to control these threats and attacks. Moreover, the restrictions of the present solutions and offers various perceptions of security viewpoints are distinguished and explored. At long last, a cloud security system is given in which the different lines of protection and the reliance levels among them are identified.
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING IJNSA Journal
In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes. Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirms a user's identity. The existing traditional password authentication does not provide enough security for the data and there have been instances when the password-based authentication has been manipulated to gain access into the data. Since the conventional methods such as passwords do not serve the purpose of data security, research works are focused on biometric user authentication in fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.
APPLYING GEO-ENCRYPTION AND ATTRIBUTE BASED ENCRYPTION TO IMPLEMENT SECURE AC...IJCNCJournal
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Message Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
Maintaining Secure Cloud by Continuous Auditing ijtsrd
Increases in cloud computing capacity, as well as decreases in the cost of processing, are moving at a fast pace. These patterns make it incumbent upon organizations to keep pace with changes in technology that significantly influence security. Cloud security auditing depends upon the environment, and the rapid growth of cloud computing is an important new context in world economics. The small price of entry, bandwidth, and processing power capability means that individuals and organizations of all sizes have more capacity and agility to exercise shifts in computation and to disrupt industry in cyberspace than more traditional domains of business economics worldwide. An analysis of prevalent cloud security issues and the utilization of cloud audit methods can mitigate security concerns. This verification methodology indicates how to use frameworks to review cloud service providers (CSPs). The key barrier to widespread uptake of cloud computing is the lack of trust in clouds by potential customers. While preventive controls for security and privacy are actively researched, there is still little focus on detective controls related to cloud accountability and auditability. The complexity resulting from large-scale virtualization and data distribution carried out in current clouds has revealed an urgent research agenda for cloud accountability, as has the shift in focus of customer concerns from servers to data. M. Kanimozhi | A. Aishwarya | S. Triumal"Maintaining Secure Cloud by Continuous Auditing" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-2 | Issue-3 , April 2018, URL: http://www.ijtsrd.com/papers/ijtsrd10829.pdf http://www.ijtsrd.com/engineering/computer-engineering/10829/maintaining-secure-cloud-by-continuous-auditing/m-kanimozhi
Simultaneously Supporting Privacy and Auditing in Cloud Computing Systems Tyrone Grandison
Over the last few years, cloud services have been steadily gaining traction in their use by commercial and non-commercial entities. As more and more sensitive or valuable processes, business functions and data move into the cloud, the need to improve threat identification and response, via auditing cloud transactions, increases. At the same time, the need for cloud users to protect the security and privacy of their resources has also intensified. In this paper, the problem of simultaneously supporting privacy and auditing in cloud systems is studied. Specifically, the paper discusses the guiding principles, fundamental concepts, and threat models for current cloud computing systems. Finally, we propose infrastructure that exploits a novel thin layer between the client and the cloud service provider to ensure that data storage, operation, and auditing does not reveal sensitive client information.
Survey on cloud computing security techniques eSAT Journals
Abstract Cloud computing is one of the emerging technology in computer science field. It provides various services and resources, still enterprises are disinclined to invest their business in cloud computing. It is because of security issues it has. There are different service models in cloud computing and threats to security also have different. The characteristics that are must be ensured while thinking about data security in cloud computing are integrity, availability and confidentiality. In this paper we are surveying some of the Intrusion Detection and Prevention Systems (IDPS) and comparing them regarding their ability to provide data security. Keywords— Cloud Security, cloud computing, data security, IDPS
A SECURITY FRAMEWORK IN CLOUD COMPUTING INFRASTRUCTURE IJNSA Journal
In a typical cloud computing diverse facilitating components like hardware, software, firmware,
networking, and services integrate to offer different computational facilities, while Internet or a private
network (or VPN) provides the required backbone to deliver the services. The security risks to the cloud
system delimit the benefits of cloud computing like “on-demand, customized resource availability and
performance management”. It is understood that current IT and enterprise security solutions are not
adequate to address the cloud security issues. This paper explores the challenges and issues of security
concerns of cloud computing through different standard and novel solutions. We propose analysis and
architecture for incorporating different security schemes, techniques and protocols for cloud computing,
particularly in Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) systems. The proposed
architecture is generic in nature, not dependent on the type of cloud deployment, application agnostic and
is not coupled with the underlying backbone. This would facilitate to manage the cloud system more
effectively and provide the administrator to include the specific solution to counter the threat. We have also
shown using experimental data how a cloud service provider can estimate the charging based on the
security service it provides and security-related cost-benefit analysis can be estimated.
Cloud Monitoring And Forensic Using Security Metrics
1. CLOUD MONITORING AND FORENSIC USING SECURITY METRICS
Presented By: Sandeep Saxena
Co-Author: Goutam Sanyal
Galgotias College of Engineering & Technology, Greater Noida, India
2. Contents
INTRODUCTION
ANALYSIS OF PREVIOUS RESEARCHES
PROPOSED METHODOLOGY
PROPOSED GENERIC MODEL FOR CLOUD MONITORING AND FORENSICS
CONCLUSION AND FUTURE WORK
REFERENCES
3. Introduction
Cloud computing is a newly emerging technology. It immediately raises several important questions, such as:
Why do we use cloud computing?
Is it real, or just another catchphrase?
How does it affect us?
Cloud Computing: The cloud paradigm is used to enable convenient, on-demand network (cloud) access to a public pool of configurable computing resources (e.g. networks, services, storage, application and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
4. 2 types of cloud:
1. Public cloud
2. Private cloud
Figure 1: Public cloud (Service Provider) and Private Cloud (On-Premises)
5. Analysis of Previous Research
Validation security design is based on model and methodology approaches. For example, the NIST security model presents telecommunication architecture as a combination of 3 layers:
a. Infrastructure level: The set of hardware and software components that provide telecommunication functionality.
b. Service level: Billed customer traffic flows.
c. Application level: It motivates users to pay for the control layer services.
6. Security Issues: Confidentiality, Integrity, Availability
For such issues, we need to monitor the user's activity as a prevention measure to provide security to other users on the network.
Monitoring and forensics are a major security concern for taking appropriate action against intruders or attackers.
Architectural services of cloud computing:
a) Software-as-a-Service (SaaS): Salesforce.com, Google Apps etc.
b) Platform-as-a-Service (PaaS): Google App Engine
c) Infrastructure-as-a-Service (IaaS): Amazon Web Services
7. According to Jennifer Bayuk: IaaS provides secure network and storage services, and SaaS provides secure application service.
According to D. Zissis and D. Lekkas: A trusted third party is implemented to provide strong authentication for financial transactions, authorization, data confidentiality and non-repudiation.
According to Gary C. Kessler: Find root cause of forensics.
According to M. Taylor: Forensic experts install packet sniffers and monitoring tools on the targeted machine to collect information. In a private cloud this would be easy, but in a public cloud it will be more difficult.
8. Proposed Methodology
- Monitor consumer activity and save session log records.
- Find any malicious activity by matching with signatures.
- The automated forensic system is activated to store all activities and data in metrics.
- Stop remote access or access from outside the cloud services (at the same time, a message is sent to the consumer by phone and email).
- The administrator checks the security metrics, collects the data, then sends it to a higher authority for legal processing.
Figure 2: Monitoring and Forensic Methodology
9. Proposed Generic Model for Cloud Computing and Forensics
Here we propose a complete architecture to provide service to our consumers, including a secure monitoring and forensic system.
Service level agreement (SLA): Signed by the consumer.
In our architecture, we use a host-based IDS to monitor incoming and outgoing network communication on the consumer system. The IDS includes both anomaly detection and misuse detection techniques for identifying activities on the host system.
It includes 6 steps, which are shown in figure 2.
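The methodology of Figure 2 combined with the host-based IDS's misuse and anomaly checks, as an added example that is not from the original slides. The signatures, the failed-login threshold, the log records and the hash-chained metrics store are all constructed assumptions chosen to make the flow concrete.

```python
import hashlib
import json
import re
from collections import Counter, defaultdict

# Constructed misuse signatures and anomaly threshold (assumptions, not from the slides).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "shadow-read": re.compile(r"/etc/shadow"),
}
MAX_FAILED_LOGINS = 3

# Constructed session log records: (session id, consumer, event).
SESSION_LOG = [
    ("s1", "alice", "LOGIN ok"),
    ("s1", "alice", "GET /reports/q1.pdf"),
    ("s2", "bob", "LOGIN failed"),
    ("s2", "bob", "LOGIN failed"),
    ("s2", "bob", "LOGIN failed"),
    ("s3", "carol", "LOGIN ok"),
    ("s3", "carol", "GET /files/../../etc/shadow"),
    ("s3", "carol", "GET /files/notes.txt"),
]

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def run_pipeline(log):
    """Return (security metrics, blocked sessions, notifications)."""
    metrics, blocked, notices = [], set(), []
    history, failed = defaultdict(list), Counter()
    prev = "0" * 64
    for sid, consumer, event in log:
        if sid in blocked:                 # remote access already stopped
            continue
        history[sid].append(event)         # monitor and save the session log
        hits = [n for n, rx in SIGNATURES.items() if rx.search(event)]  # misuse detection
        if event == "LOGIN failed":
            failed[sid] += 1
        if failed[sid] >= MAX_FAILED_LOGINS:
            hits.append("anomaly-failed-logins")                        # anomaly detection
        if not hits:
            continue
        # Forensic store: keep the whole session so far, chained to the previous record.
        record = {"session": sid, "consumer": consumer, "matched": hits,
                  "activity": list(history[sid]), "prev": prev}
        prev = _digest(record)
        record["digest"] = prev
        metrics.append(record)
        blocked.add(sid)                   # stop remote access
        notices.append((consumer, "phone+email", sid))
    return metrics, blocked, notices

def verify_chain(metrics):
    """Administrator check before hand-off: any edited record breaks the chain."""
    prev = "0" * 64
    for rec in metrics:
        body = {k: v for k, v in rec.items() if k != "digest"}
        if body["prev"] != prev or _digest(body) != rec["digest"]:
            return False
        prev = rec["digest"]
    return True
```

Chaining each metrics record to the previous digest lets the administrator show that the evidence was not altered between detection and the legal hand-off.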
11. Conclusion and Future Work
We proposed a forensic methodology to assure the confidentiality of cloud users.
Create a security matrix and audit trail for investigation.
Establish a service level agreement (SLA) with the customer.
In future, focus on a rule-based security matrix and the integrity of users' data.
12. References
[1] Cary Landis and Dan Blacharski, “Cloud Computing Made Easy”, Version 0.3.
[2] G. Stoneburner, “Underlying Technical Models for Information Technology Security,” National Institute of Standards and Technology, 2001
[3] G. McGraw, Software Security: Addison-Wesley, 2006
[4] Google App Engine, http://appengine.google.com
[5] Amazon Elastic Compute Cloud (EC2), http://www.amazon.com/ec2
[6] Gary C. Kessler, “Anti-Forensic and the Digital Investigator”, Champlain College, Burlington, VT, USA; Edith Cowan University, Mount Lawley, WA, Australia
13. [7] CSA Cloud Security Alliance, Top Threats to Cloud Computing V1.0, 2010
[8] Shaftab Ahmad and M. yahin Akhtar Raja, “Tackling Cloud Security Issues And Forensic Model”, IEEE 2010
[9] Jennifer Bayuk, “Cloud Security Metrics”, 6th International Conference on System of Systems Engineering, Albuquerque, New Mexico, USA, June 27-30, 2011 (IEEE)
[10] D. Zissis and D. Lekkas, “Addressing Cloud Computing Security issues”, Future Generation Computer System (2011) Elsevier, doi:10.1016/j.future.2010.12.006
[11] M. Taylor, J. Haggerty, D. Gresty and R. Hegarty, “Digital evidence in cloud computing systems”, Computer Law and Security Review 26 (2010)