Security Threats and Recent Countermeasures in Cloud Computing

Mishra, Anupama; Gupta, Neena; Gupta, Brij B.

doi:10.4018/978-1-7998-1082-7.ch007

Cited by 17 publications

(5 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Around USD 1 million Dropbox [56] End users and their security settings A total of 68 million user accounts were hacked Unknown Home Depot [57] An attack exploited the Home Depot's point-ofsale terminals Information from 56 million credit cards was stolen Over USD 100 million National Electoral Institute of Mexico [58] Unsecured data were published online A total of 93 billion voter registration records were compromised unknown Uber [59] Vulnerable Creepy Stalk version 57 million users' data and 60 million drivers' license information were exposed USD 148 million Yahoo [60] Session Hijack 3 billion user accounts hacked USD 4.5 million LinkedIn [61] Network Scraping A total of 700 million user accounts posted for sale on the dark web USD 5 million Microsoft [62] The breach occurred due to a misconfiguration in one of Microsoft's cloud databases, which left the data exposed without proper access controls Sensitive data of over 38 million Microsoft users were exposed, including email addresses, account IDs, and support case details $ unknown TBC Corporation [63] Misconfigured AWS S3 Bucket Approximately 17,000 customer records, including personally identifiable information (PII), such as names, addresses, and phone numbers Est. USD 1.5 million Volkswagen Group of America [64] Exposed Elasticsearch cluster Over 3.3 million records, including customer information and internal data, were exposed.…”

Section: Yearmentioning

confidence: 99%

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Malik,

Bhatti,

Park

et al. 2024

Sensors

View full text Add to dashboard Cite

Cloud computing technology is rapidly becoming ubiquitous and indispensable. However, its widespread adoption also exposes organizations and individuals to a broad spectrum of potential threats. Despite the multiple advantages the cloud offers, organizations remain cautious about migrating their data and applications to the cloud due to fears of data breaches and security compromises. In light of these concerns, this study has conducted an in-depth examination of a variety of articles to enhance the comprehension of the challenges related to safeguarding and fortifying data within the cloud environment. Furthermore, the research has scrutinized several well-documented data breaches, analyzing the financial consequences they inflicted. Additionally, it scrutinizes the distinctions between conventional digital forensics and the forensic procedures specific to cloud computing. As a result of this investigation, the study has concluded by proposing potential opportunities for further research in this critical domain. By doing so, it contributes to our collective understanding of the complex panorama of cloud data protection and security, while acknowledging the evolving nature of technology and the need for ongoing exploration and innovation in this field. This study also helps in understanding the compound annual growth rate (CAGR) of cloud digital forensics, which is found to be quite high at ≈16.53% from 2023 to 2031. Moreover, its market is expected to reach ≈USD 36.9 billion by the year 2031; presently, it is ≈USD 11.21 billion, which shows that there are great opportunities for investment in this area. This study also strategically addresses emerging challenges in cloud digital forensics, providing a comprehensive approach to navigating and overcoming the complexities associated with the evolving landscape of cloud computing.

show abstract

Section: Yearmentioning

confidence: 99%

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Malik,

Bhatti,

Park

et al. 2024

Sensors

View full text Add to dashboard Cite

show abstract

“…Live migration poses security threats such as DoS, Man-in-the-Middle-Attack, overflow attack and Reply attack. Cryptography, Authentication, Integrity and Authorization are recommended mitigation techniques [43].…”

Section: Vm Migrationmentioning

confidence: 99%

Extensive Study of Cloud Computing Technologies, Threats and Solutions Prospective

Abu-Alhaija¹,

Turab²,

Hamza³

2022

Computer Systems Science and Engineering

View full text Add to dashboard Cite

Infrastructure as a Service (IaaS) provides logical separation between data, network, applications and machines from the physical constrains of real machines. IaaS is one of the basis of cloud virtualization. Recently, security issues are also gradually emerging with virtualization of cloud computing. Different security aspects of cloud virtualization will be explored in this research paper, security recognizing potential threats or attacks that exploit these vulnerabilities, and what security measures are used to alleviate such threats. In addition, a discussion of general security requirements and the existing security schemes is also provided. As shown in this paper, different components of virtualization environment are targets to various attacks that in turn leads to security issues compromising the whole cloud infrastructure. In this paper an overview of various cloud security aspects is also provided. Different attack scenarios of virtualization environments and security solutions to cater these attacks have been discussed in the paper. We then proceed to discuss API security concerns, data security, hijacking of user account and other security concerns. The aforementioned discussions can be used in the future to propose assessment criteria, which could be useful in analyzing the efficiency of security solutions of virtualization environment in the face of various virtual environment attacks.

show abstract

“…Dawoud et al (2016) put forth a framework that is based on a trusted cloud authority to provide confidentiality as well for the data hosted on cloud services. Further, many other researchers have studied the security threats of cloud computing (Sabahi, 2011;Krutz and Vines, 2010;Xiao and Xiao, 2013;Mishra et al, 2020;Kolawole et al, 2019;Aljumah and Ahanger, 2020).…”

Section: Related Workmentioning

confidence: 99%

Enhanced video-on-demand security in cloud computing against insider and outsider threats

Alshayeji¹,

Abed²

2022

IJSN

View full text Add to dashboard Cite

Many video-on-demand (VoD) providers leverage the benefits of cloud computing despite the stemming various security threats. For instance, if the hosted multimedia contents are not encrypted, then the VoD providers must fully trust that the cloud provider will not illegitimately access, distribute, or modify the multimedia contents. Nonetheless, the latest ENISA report showed that approximately 25% of security threats over the last six years have been based on internal misuse. In this paper, we introduce a simple yet effective scheme to protect contents from internal and external threats. Encrypt once -confidentiality, privacy, and integrity (EO-CPI) focuses on protecting data confidentiality, integrity, and users' privacy from untrusted cloud-based VoD systems. We compared EO-CPI with advance encryption standard -Galois counter mode (AES-GCM). Results demonstrated a significant reduction of 79% of the server-side computational overhead when using EO-CPI with a re-encryption degree of one time per five users while preserving the user-side performance.

show abstract

Security Threats and Recent Countermeasures in Cloud Computing

Cited by 17 publications

References 19 publications

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Extensive Study of Cloud Computing Technologies, Threats and Solutions Prospective

Enhanced video-on-demand security in cloud computing against insider and outsider threats

Contact Info

Product

Resources

About