Case Study of Cloud Computing Security and Emerging Security Research Challenges

Authors

  • Shvetkumar Patel  Concordia Institute for Information System Engineering, Concordia University, Montreal, Quebec, Canada
  • Apeksha Pavasiya  Concordia Institute for Information System Engineering, Concordia University, Montreal, Quebec, Canada
  • S. Gomathi  Teaching Consultant UK International Qualifications, Ltd., Coimbatore, India

DOI:

https://doi.org//10.32628/CSEIT1833773

Keywords:

Cloud computing and architecture, security challenges, real world cases, attacks, emerging challenges

Abstract

In this technological era, cloud computing is bombarded with immense benefits that includes availability, flexibility, ubiquitary access, and cost effectiveness. Cloud Computing offers its services to different kinds of users with the help of the World Wide Web on the virtual platform regardless of devices. Hence, all the resources kept on the same-shared storage device, which will lead to a considerable rise in various cloud security concerns for both; user and their private information. Data privacy can be compromised with a broad usage of cloud as smaller companies to bigger ones are adapting this versatile system. This paper examines several recent security attacks and proposed solutions of secure cloud computing from the perspective of organizations. Threat action varieties, other attacks with date, information exposed and number of record breach is presented with IT attack at risk. Finally, we have presented research challenges that can be worth noticing.

References

  1. A. Subashini S. and Veeraruna K. "A survey on security issues in service delivery models of cloud computing." Journal of network and computer applications 34.1 (2011): 1-11.
  2. Nair, Nikhitha K., K. S. Navin, and Soya Chandra. "Digital Signature and Advanced Encryption Standard for Enhancing Data Security and Authentication in Cloud Computing." (2015).
  3. Peter Mell, Timothy Grance, ―The NIST Definition of Cloud Computing‖, Jan, 2011. http://docs.ismgcorp.com/files/external/DraftSP-800-145_cloud-definition.pdf
  4. V. Jain, V. Sharma. Surveying and analyzing security challenges and privacy in cloud computing. International Journal of Computer Science and Information Technology & Security, vol. 3(5), 2013, pp. 316-321.
  5. B. R. Kandukuri, R. Paturi V, A. Rakshit, ―Cloud Security Issues‖, In Proceedings of IEEE International Conference on Services Computing, pp. 517-520, 2009.
  6. M. Klems, A. Lenk, J. Nimis, T. Sandholm and S. Tai. ―What’s Inside the Cloud? An Architectural Map of the Cloud Landscape.‖IEEEXplore, pp 23-31, Jun. 2009.
  7. R. Maggiani, Communication Consultant, Solari Communication, ―Cloud Computing is Changing How we Communicate‖, 2009 IEEE International Professional Conference, IPCC, pp. 1-4, Waikiki, HI, USA, July 19- 22, 2009. ISBN: 978-1-4244-4357-4.
  8. Cloud Security Alliance, “Top threats to cloud computing”, Assets Extrahop , August 2019. Available: https://assets.extrahop.com/pdfs/analyst-reports/CSA-Cloud-Computing-Top-Threats.pdf
  9. U Verma “instagram data breach” Available: https://www.businesstoday.in/technology/news/instagram-data-breach-mumbai-based-chtrbox-leaks-private-data-of-social-media-influencers/story/348915.html
  10.  J. Lirk “Database May Have Exposed Instagram Data for 49 Million” Available: https://www.bankinfosecurity.com/database-may-have-exposed-instagram-personal-data-a-12503
  11.  C. Pedigo “The Biggest Cloud Breaches of 2019 and How to Avoid them for 2020” Available: https://www.lacework.com/top-cloud-breaches-2019/
  12.  York, D. (2010). Control Channel Attacks. Seven Deadliest Unified Communications Attacks, 71–92. doi:10.1016/b978-1-59749-547-9.00004-1
  13.  G. Graff “How a Dorm Room Minecraft Scam Brought Down the Internet” Available: https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet/
  14.  M. Sri Lakshmi, Dr. S. Kumar - A Review on Wireless Network Attacks et al, / (IJCSIT) International Journal of Computer Science and Information Technologies, Vol. 5 (2) , 2014, 2540-2542.
  15. Soni M., Rajput B.S., Patel T., Parmar N. (2021) Lightweight Vehicle-to-Infrastructure Message Verification Method for VANET. In: Kotecha K., Piuri V., Shah H., Patel R. (eds) Data Science and Intelligent Applications. Lecture Notes on Data Engineering and Communications Technologies, vol 52. Springer, Singapore. https://doi.org/10.1007/978-981-15-4474-3_50
  16. M. Soni, A. Jain and T. Patel, "Human Movement Identification Using Wi-Fi Signals," 2018 3rd International Conference on Inventive Computation Technologies (ICICT), Coimbatore, India, 2018, pp. 422-427, doi: 10.1109/ICICT43934.2018.9034451.
  17.  T. Brewster “This Guy Hacked Hundreds Of Planes From The Ground” Available: https://www.forbes.com/sites/thomasbrewster/2018/08/09/this-guy-hacked-hundreds-of-planes-from-the-ground/#38b0e08b46f2
  18.  Suroto – “WLAN Security: Threats and Countermeasures” International Journal On Informatics Visualization, vol 2 (2018) no 4
  19. S. Gajek, M. Jensen, L. Lioa and J. Schneck, “Analysis of signature wrapping attacks and countermeasures”, IEEE International Conferenceon Web Services, 2009.
  20.  C. Pedigo “The Biggest Cloud Breaches of 2019 and How to Avoid them for 2020” Available: https://www.lacework.com/top-cloud-breaches-2019/
  21.  N.Hazut “Capital One Breach: How It Could Have Been Prevented” Available: https://www.securitymagazine.com/articles/90832-capital-one-breach-how-it-could-have-been-prevented Aug,2019
  22.  H.Poston “Lessons learned: The Capital One breach” Available: https://resources.infosecinstitute.com/lessons-learned-the-capital-one-breach/#gref. Oct, 2019.
  23. R. Rao, Vaudha, S. Bhat-International Journal of Innovative Research in Computer and Communication Engineering. Vol. 6, Issue 4, April 2018
  24.  D.Fisher “Attackers Using Amazon Cloud to Host Malware” Available: https://threatpost.com/attackers-using-amazon-cloud-host-malware-060611/75306/ . Jun, 2011.
  25. V. Zakorzhevsky “Monthly Malware Statistics” Available: https://securelist.com/monthly-malware-statistics-june-2011/36360/. June,2011.
  26.  D. Bestuzhev “Financial data stealing Malware now on Amazon Web Services Cloud”. Available: https://securelist.com/financial-data-stealing-malware-now-on-amazon-web-services-cloud/30647/. Jun,2011.
  27.  I. Kotenko, M. Stepashkin, and E. Doynikova, “Security analysis of information systems taking into account social engineering attacks”, IEEE 19th International Eurimicro Conference on Parallel, Distributed, and Network-Based Processing, 2011.
  28. Soni M., Patel T., Jain A. (2020) Security Analysis on Remote User Authentication Methods. In: Pandian A., Senjyu T., Islam S., Wang H. (eds) Proceeding of the International Conference on Computer Networks, Big Data and IoT (ICCBI - 2018). ICCBI 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 31. Springer, Cham. https://doi.org/10.1007/978-3-030-24643-3_60.
  29.  https://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/ Jun,12.
  30. N.Lord, “Social Engineering Attacks: Common Techniques & How to Prevent an Attack”.Available: https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack .Jul,2019.
  31. Rabi Prasad Padhy, ManasRajanPatra and Suresh Chandra Satapathy, ―Cloud Computing: Security Issues & Research Challenges‖, IJCSITS, Vol. 1-No.2, December 2011, pp. 136-146.
  32.  W.K. Chan, Lijun Mei, and Zhenyu Zhang, "Modeling and testing of cloud applications", to appear in Proceedings of2009 IEEE Asia-Pacific Services Computing Conference (APSCC 2009), (Singapore, December 7-11, 2009), IEEE Computer Society Press, Los Alamitos, CA, USA, 2009.
  33.  D. Sheppard. ” Cloud interoperability and portability – necessary or nice to have?”Available: https://insightaas.com/cloud-interoperability-and-portability-necessary-or-nice-to-have/. Nov,2017.
  34.  O. Diez, A. Silva- Reliability issues related to the usage of Cloud Computing in Critical Infrastructures. Available: https://core.ac.uk/download/pdf/148661056.pdf
  35.  M. Bollinadi V.Damera- Cloud Computing: Security Issues and Research Challenges. Journal of Network Communications and Emerging Technologies (JNCET) www.jncet.org Volume 7, Issue 11, November (2017).
  36. M. Soni and T. Patel, "Systematic investigation on LargeScale simulations in big data systems," 2018 2nd International Conference on Inventive Systems and Control (ICISC), Coimbatore, 2018, pp. 684-688, doi: 10.1109/ICISC.2018.8398885.
  37. M. Soni and A. Jain, "Secure Communication and Implementation Technique for Sybil Attack in Vehicular Ad-Hoc Networks," 2018 Second International Conference on Computing Methodologies and Communication (ICCMC), Erode, 2018, pp. 539-543, doi: 10.1109/ICCMC.2018.8487887.

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2020-09-20

Issue

Volume 6, Issue 5, September-October-2020

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Shvetkumar Patel, Apeksha Pavasiya, S. Gomathi, " Case Study of Cloud Computing Security and Emerging Security Research Challenges, IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 6, Issue 5, pp.83-93, September-October-2020. Available at doi : https://doi.org/10.32628/CSEIT1833773