Securing Cloud Computing Services with an Intelligent Preventive Approach
Received: 15 March 2024 | Revised: 25 March 2024 | Accepted: 26 March 2024 | Online: 30 March 2024
Corresponding author: Saleh M. Altowaijri
Abstract
Cloud computing is a technological marvel that transcends conventional boundaries by utilizing an Internet-based network of remote servers to store, manage, and process data and many other services. It represents a contemporary paradigm for delivering information technology services. Today, cloud computing services have become indispensable for both individuals and corporations. However, adopting cloud services presents fresh challenges in terms of service quality, resource optimization, data integration, cost governance, and operational security. The security of cloud services is of supreme importance, given the open and distributed nature of the environment, making it susceptible to various cyberattacks, such as Denial of Service (DoS) or Distributed DoS (DDoS) attacks, among others. Cyberattacks can have severe repercussions on the availability of cloud services, potentially causing complete DoS. In numerous instances, the detection of attacks is delayed, pushing cloud platforms to a breaking point. Emphasizing the importance of proactive measures, it becomes crucial to identify and alert about any suspicious access long before the latter reaches a critical stage, mitigating the risks and preventing potential service disruptions. This study introduces a preventive approach that utilizes artificial intelligence techniques to improve the security of cloud services. The proposed method aims to detect and flag potential attack behaviors well in advance before they affect service quality. To achieve this, the particular method involves periodic identification and measurement of critical information on service access and resource utilization. This can be accomplished by analyzing cloud server logs or integrating dedicated sniffing software to capture and store technical traffic details. Subsequently, the collected data are processed by analyzing traffic properties to proactively identify and report any indications of cyberattacks.
Keywords:
cloud computing, cyber security, preventive approach, prediction techniques, artificial intelligenceDownloads
References
S. Jones, Z. Irani, U. Sivarajah, and P. E. D. Love, "Risks and rewards of cloud computing in the UK public sector: A reflection on three Organisational case studies," Information Systems Frontiers, vol. 21, no. 2, pp. 359–382, Apr. 2019. DOI: https://doi.org/10.1007/s10796-017-9756-0
A. R. Khan and L. K. Alnwihel, "A Brief Review on Cloud Computing Authentication Frameworks," Engineering, Technology & Applied Science Research, vol. 13, no. 1, pp. 9997–10004, Feb. 2023. DOI: https://doi.org/10.48084/etasr.5479
S. Maroc and J. Zhang, "Comparative Analysis of Cloud Security Classifications, Taxonomies, and Ontologies," in Proceedings of the 2019 International Conference on Artificial Intelligence and Computer Science, Wuhan, China, Apr. 2019, pp. 666–672. DOI: https://doi.org/10.1145/3349341.3349487
D. Moore, C. Shannon, D. J. Brown, G. M. Voelker, and S. Savage, "Inferring Internet denial-of-service activity," ACM Transactions on Computer Systems, vol. 24, no. 2, pp. 115–139, Feb. 2006. DOI: https://doi.org/10.1145/1132026.1132027
M. H. H. Khairi, S. H. S. Ariffin, N. M. A. Latiff, A. S. Abdullah, and M. K. Hassan, "A Review of Anomaly Detection Techniques and Distributed Denial of Service (DDoS) on Software Defined Network (SDN)," Engineering, Technology & Applied Science Research, vol. 8, no. 2, pp. 2724–2730, Apr. 2018. DOI: https://doi.org/10.48084/etasr.1840
B. S. K. Devi and T. Subbulakshmi, "Cloud-based DDoS attack detection and defence system using statistical approach," International Journal of Information and Computer Security, vol. 11, no. 4–5, pp. 447–475, Jan. 2019.
M. Ehsan Ur Rahman and H. D. Sri Saaketh Ram, "AI as a Challenging Problem : Solvable without Data but Morally Intelligence-driven Insights," International Journal of Scientific Research in Science and Technology, vol. 6, no. 4, pp. 153–159, Aug. 2019. DOI: https://doi.org/10.32628/IJSRST196429
S. Sharma and S. Khan, "Analysis of Cloud Security, Performance, Scalability and Availability (SPSA)," International Journal of Scientific Research in Network Security and Communication, vol. 7, no. 1, pp. 13–15, 2019.
D. Dave, N. Meruliya, T. D. Gajjar, G. T. Ghoda, D. H. Parekh, and R. Sridaran, "Cloud Security Issues and Challenges," in Big Data Analytics, Singapore, 2018, pp. 499–514. DOI: https://doi.org/10.1007/978-981-10-6620-7_48
P. Verma, A. Gupta, and R. S. Sambyal, "Security Issues and Challenges in Cloud Computing: A Review," International Journal of Scientific Research in Computer Science, Engineering and Information Technology, vol. 4, no. 1, pp. 189–196, 2018.
N. Subramanian and A. Jeyaraj, "Recent security challenges in cloud computing," Computers & Electrical Engineering, vol. 71, pp. 28–42, Oct. 2018. DOI: https://doi.org/10.1016/j.compeleceng.2018.06.006
V. Sharma, V. Verma, and A. Sharma, "Detection of DDoS Attacks Using Machine Learning in Cloud Computing," in Advanced Informatics for Computing Research, Shimla, India, 2019, pp. 260–273. DOI: https://doi.org/10.1007/978-981-15-0111-1_24
B. S. K. Devi and T. Subbulakshmi, "Cloud-based DDoS attack detection and defence system using statistical approach," International Journal of Information and Computer Security, vol. 11, no. 4–5, pp. 447–475, Jan. 2019. DOI: https://doi.org/10.1504/IJICS.2019.101935
C. Li and J. L. Gaudiot, "Detecting Malicious Attacks Exploiting Hardware Vulnerabilities Using Performance Counters," in 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), Milwaukee, WI, USA, Jul. 2019, vol. 1, pp. 588–597. DOI: https://doi.org/10.1109/COMPSAC.2019.00090
K. Popović and Ž. Hocenski, "Cloud computing security issues and challenges," in The 33rd International Convention MIPRO, May 2010, pp. 344–349.
Md. M. Ahmed and A. El-Hajjar, "A Proactive Approach to Protect Cloud Computing Environment Against a Distributed Denial of Service (DDoS) Attack," in AI, Blockchain and Self-Sovereign Identity in Higher Education, H. Jahankhani, A. Jamal, G. Brown, E. Sainidis, R. Fong, and U. J. Butt, Eds. Springer Nature Switzerland, 2023, pp. 243–278. DOI: https://doi.org/10.1007/978-3-031-33627-0_10
S. Rangaraju, "Ai sentry: Reinventing cybersecurity through intelligent threat detection," EPH - International Journal of Science And Engineering, vol. 9, no. 3, pp. 30–35, Dec. 2023. DOI: https://doi.org/10.53555/ephijse.v9i3.211
S. Kuraku, D. Kalla, F. Samaah, and N. Smith, "Cultivating Proactive Cybersecurity Culture among IT Professional to Combat Evolving Threats," International Journal of Electrical, Electronics and Computers, vol. 8, no. 6, Nov. 2023. DOI: https://doi.org/10.22161/eec.86.1
N. Gupta, R. Agarwal, S. S. Dari, S. Malik, R. Bhatt, and D. Dhabliya, "DDoS and Cyber Attacks Detection and Mitigation in SDN: A Comprehensive Research of Moving Target Defense Systems," in 2023 International Conference on Data Science and Network Security (ICDSNS), Tiptur, India, Jul. 2023, pp. 1–8. DOI: https://doi.org/10.1109/ICDSNS58469.2023.10245455
R. Kaur, D. Gabrijelčič, and T. Klobučar, "Artificial intelligence for cybersecurity: Literature review and future research directions," Information Fusion, vol. 97, Sep. 2023, Art. no. 101804. DOI: https://doi.org/10.1016/j.inffus.2023.101804
A. J. G. de Azambuja, C. Plesker, K. Schützer, R. Anderl, B. Schleich, and V. R. Almeida, "Artificial Intelligence-Based Cyber Security in the Context of Industry 4.0—A Survey," Electronics, vol. 12, no. 8, Jan. 2023, Art. no. 1920. DOI: https://doi.org/10.3390/electronics12081920
E. Yilmaz and O. Can, "Unveiling Shadows: Harnessing Artificial Intelligence for Insider Threat Detection," Engineering, Technology & Applied Science Research, vol. 14, no. 2, pp. 13341–13346, Apr. 2024. DOI: https://doi.org/10.48084/etasr.6911
R. Talwar and A. Koury, "Artificial intelligence – the next frontier in IT security?," Network Security, vol. 2017, no. 4, pp. 14–17, Apr. 2017. DOI: https://doi.org/10.1016/S1353-4858(17)30039-9
S. Ray, "A Quick Review of Machine Learning Algorithms," in 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon), Faridabad, India, Feb. 2019, pp. 35–39. DOI: https://doi.org/10.1109/COMITCon.2019.8862451
I. H. Sarker, "Machine Learning: Algorithms, Real-World Applications and Research Directions," SN Computer Science, vol. 2, no. 3, Mar. 2021, Art. no. 160. DOI: https://doi.org/10.1007/s42979-021-00592-x
M. Alloghani, D. Al-Jumeily, J. Mustafina, A. Hussain, and A. J. Aljaaf, "A Systematic Review on Supervised and Unsupervised Machine Learning Algorithms for Data Science," in Supervised and Unsupervised Learning for Data Science, M. W. Berry, A. Mohamed, and B. W. Yap, Eds. Cham: Springer International Publishing, 2020, pp. 3–21. DOI: https://doi.org/10.1007/978-3-030-22475-2_1
D. W. H. Jr, S. Lemeshow, and R. X. Sturdivant, Applied Logistic Regression. John Wiley & Sons, 2013. DOI: https://doi.org/10.1002/9781118445112.stat06902
T. B. Trafalis and R. C. Gilbert, "Robust classification and regression using support vector machines," European Journal of Operational Research, vol. 173, no. 3, pp. 893–909, Sep. 2006. DOI: https://doi.org/10.1016/j.ejor.2005.07.024
S. Ge, L. Hou U, N. Mamoulis, and D. W. Cheung, "Efficient All Top-k Computation - A Unified Solution for All Top-k, Reverse Top-k and Top-m Influential Queries," IEEE Transactions on Knowledge and Data Engineering, vol. 25, no. 5, pp. 1015–1027, Feb. 2013. DOI: https://doi.org/10.1109/TKDE.2012.34
"DDoS evaluation dataset (CIC-DDoS2019)." Canadian Institute for Cybersecurity, [Online]. Available: https://www.unb.ca/cic/datasets/ddos-2019.html.
Downloads
How to Cite
License
Copyright (c) 2024 Saleh M. Altowaijri, Yamen El Touati
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.