This is the accepted version of the paper.This version of the publication may differ from the final published version.
Permanent
AbstractCloud computing offers scalable on-demand services toconsumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existent in these protocols as well as threats introduced by newer architectures raise many securityand privacy concerns. In this paper, we survey factors affecting Cloud computing adoption, vulnerabilities,and attacks, and identify relevant solution directives to strengthen security and privacyin Cloud environment.
Predicting anomalous behaviour of a running process using system call trace is a common practice among security community and it is still an active research area. It is a typical pattern recognition problem and can be dealt with machine learning algorithms. Standard system call datasets were employed to train these algorithms. However, advancements in operating systems made these datasets outdated and un-relevant. Australian Defence Force Academy Linux Dataset (ADFA-LD) and Australian Defence Force Academy Windows Dataset (ADFA-WD) are new generation system calls datasets that contain labelled system call traces for modern exploits and attacks on various applications. In this paper, we evaluate performance of Modified Vector Space Representation technique on ADFA-LD and ADFA-WD datasets using various classification algorithms. Our experimental results show that our method performs well and it helps accurately distinguishing process behaviour through system calls.
Abstract. Cloud services delivered as utility computing over the Internet makes it an attractive target for cyber intruders. Protecting network accessible Cloud resources and services from ever increasing cyber threats is of great concern. Most of the Network based Intrusion Detection System (NIDS) being rule based and therefore only capable of identifying known attacks (through pattern matching). Traditional Anomaly Detection based IDS may generate more number of false positives.In this paper, we attempt to amalgamate IDS with Cloud computing. Introducing Honeypot in Cloud IDS design can greatly help in detecting potential attacks with reduced number of false positives. This research work provides an impetus to strengthen network security aspects related to Cloud computing to make it more trustworthy.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.