Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited efforts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only benefit the cloud provider but also embed more confidence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.This section briefly reviews several popular threat models and existing security metrics that will be applied in this paper, including attack surface, attack tree, attack graph, attack tree-based metric (ATM), and Bayesian network (BN)-based metric.-Attack surface: Originally proposed as a metric for software security, an attack surface captures software components that may lead to potential vulnerabilities, including entry and exit points (i.e., methods in a software program that either take user inputs or generate outputs), communication channels (e.g., TCP or UDP), and untrusted data items (e.g., configuration files or registry keys read by the software) [7]. Since the attack surface requires examining the source code of a software, due to the complexity of such a task, most existing work applies the concept in a high-level and intuitive manner. For example, six attack surfaces are said to exist between an end user, the cloud provider, and cloud services [8], although the exact meaning of such attack surface is not specified.-Attack tree: While the attack surface focuses on what may provide attackers initial privileges or accesses to a system, attack trees demonstrate the possible attack paths which may be followed by the attacker to further infiltrate the system [9].
High security for physical items such as intelligent machinery and residential appliances is provided via the Internet of Things (IoT). The physical objects are given a distinct online address known as the Internet Protocol to communicate with the network’s external foreign entities through the Internet (IP). IoT devices are in danger of security issues due to the surge in hacker attacks during Internet data exchange. If such strong attacks are to create a reliable security system, attack detection is essential. Attacks and abnormalities such as user-to-root (U2R), denial-of-service, and data-type probing could have an impact on an IoT system. This article examines various performance-based AI models to predict attacks and problems with IoT devices with accuracy. Particle Swarm Optimization (PSO), genetic algorithms, and ant colony optimization were used to demonstrate the effectiveness of the suggested technique concerning four different parameters. The results of the proposed method employing PSO outperformed those of the existing systems by roughly 73 percent.
Studies carried out by researchers show that data growth can be exploited in such a way that the use of deep learning algorithms allow predictions with a high level of precision based on the data, which is why the latest studies are focused on the use of convolutional neural networks as the optimal algorithm for image classification. The present research work has focused on making the diagnosis of a disease that affects the cornea called keratoconus through the use of deep learning algorithms to detect patterns that will later be used to carry out preventive detections. The algorithm used to perform the classifications has been convolutional neural networks as well as image preprocessing to remove noise that can limit neural network learning, resulting in more than 1900 classified images out of a total of >2000 images distributed between normal eyes and those with keratoconus, which is equivalent to 92%.
Cloud services are a popular concept used to describe how internet-based services are delivered and maintained. The computer technology environment is being restructured with respect to information preservation. Data protection is of critical importance when storing huge volumes of information. In today’s cyber world, an intrusion is a significant security problem. Services, information, and services are all vulnerable to attack in the cloud due to its distributed structure of the cloud. Inappropriate behavior in the connection and in the host is detected using intrusion detection systems (IDS) in the cloud. DDoS attacks are difficult to protect against since they produce massive volumes of harmful information on the network. This assault forces the cloud services to become unavailable to target consumers, which depletes computer resources and leaves the provider exposed to massive financial and reputational losses. Cyber-analyst data mining techniques may assist in intrusion detection. Machine learning techniques are used to create many strategies. Attribute selection techniques are also vital in keeping the dataset’s dimensionality low. In this study, one method is provided, and the dataset is taken from the NSL-KDD dataset. In the first strategy, a filtering method called learning vector quantization (LVQ) is used, and in the second strategy, a dimensionality-simplifying method called PCA. The selected attributes from each technique are used for categorization before being tested against a DoS attack. This recent study shows that an LVQ-based SVM performs better than the competition in detecting threats.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.