Embedding a Distributed Auditing Mechanism in the Service Cloud | IEEE Conference Publication | IEEE Xplore

Abstract:

The Cloud Security Alliance identified the "notorious nine" threats for cloud computing. The range of these threats across the cloud indicates that centralized prevention and detection would be highly inefficient, potentially reporting incidents to tenants well after they occur and are difficult to mitigate. This paper presents an auditing framework for the service cloud that distributes logging, monitoring, and reporting at the local service level, at the application or session level that can involve multiple tenant services, and at the cloud level where corroboration and verification of threats takes place. To verify the forensic coverage of the framework, a set of CAPEC attack patterns are investigated to match attack evidence gathering and mitigation techniques with the proposed distributed detection and mitigation levels of the framework.
Date of Conference: 27 June 2014 - 02 July 2014
Date Added to IEEE Xplore: 22 September 2014
ISBN Information:
Print ISSN: 2378-3818
Conference Location: Anchorage, AK, USA