Towards Reconstructing Multi-Step Cyber Attacks in Modern Cloud Environments with Tripwires

Author(s):  
Mario Kahlhofer ◽  
Michael Hölzl ◽  
Andreas Berger
2017 ◽  
Vol 7 (3) ◽  
pp. 59-75 ◽  
Author(s):  
Akashdeep Bhardwaj ◽  
Sam Goundar

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.


Author(s):  
Ömer Aslan ◽  
Merve Ozkan-Okay ◽  
Deepti Gupta

Cloud computing has an important role in all aspects of storing information and providing services online. It brings several advantages over traditional storing and sharing schema such as easy access, on-request storage, scalability and decreasing cost. Using its rapidly developing technologies can bring many advantages to the protection of Internet of Things (IoT) and Cyber-Physical Systems (CPS) from a variety of cyber-attacks, where IoT and CPS provide facilities to humans in their daily lives. Since malicious software (malware) is increasing exponentially and there is no well-known approach to detecting malware, the usage of cloud environments to detect malware can be a promising method. A new generation of malware is using advanced obfuscation and packing techniques to escape from detection systems. This situation makes it almost impossible to detect complex malware by using a traditional detection approach. The paper presents an extensive review of cloud-based malware detection approaches and provides a vision to understand the benefit of cloud for protection of IoT and CPS from cyber-attacks. This research explains advantages and disadvantages of cloud environments in detecting malware and also proposes a cloud-based malware detection framework, which uses a hybrid approach to detect malware.


2021 ◽  
Vol 11 (4) ◽  
pp. 43-57
Author(s):  
Jitendra Singh

Involvement of multiple cloud providers enhances the security complexity in cloud computing. Despite engaging best in class human and hardware resources, cyber-attacks in cloud paradigm continue to rise. This work aims to explore the cloud vulnerabilities that arise due to the multiple entry points. Underlying security threats are categorized into resources at providers' end, hardware security, transmission security, process security, and endpoint security. To mitigate the cyber-attacks in cloud, this work proposed a comprehensive multi-point-based framework that leverages the underlying hardware to strengthen the security at the user's end, internet service provider's end, and at the cloud data center. Security is further fortified by including the process level interaction at terminals. Framework is advanced enough to accommodate the vulnerable points of a system and a network. With the implementation of the proposed system, potential attacks can be detected during early state of penetration.


Author(s):  
Ahmad Faiz Ghazali et al.

This article aims to contribute in securing information technology (IT) systems and processes for information security by utilizing malware risk detection for decision-making processes to mitigate cyber-attacks. It has potential to be a real threat to the businesses and industrial applications. The risk management is an essential component where it can present a new information security model for supporting decision making. The current ideologies such as the anti-virus, malware and firewalls detection and protection are proving to be ineffective as they were not specifically designed for multi-tenant cloud environments. Therefore, this article presents a survey of malware risk detection techniques in cloud. The survey was conducted on publications from Scopus from the last 5 years. The findings indicate the current malware detection techniques are not enough to effectively detect and protect the cloud environments.


Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2049
Author(s):  
Yoon-Su Jeong ◽  
Sung-Ho Sim

As cloud technology advances, devices such as IoT (Internet of Things) are being utilized in various areas ranging from transportation, manufacturing, energy, automation, space, defense, and healthcare. As the number of IoT devices increases, the safety of IoT information, which is vulnerable to cyber attacks, is emerging as an important area of interest in distributed cloud environments. However, integrity techniques are not guaranteed to easily identify the integrity threats and attacks on IoT information operating in the distributed cloud associated with IoT systems and CPS (Cyber-Physical System). In this paper, we propose a blockchain-based integrity verification technique in which large amounts of IoT information processed in distributed cloud environments can be guaranteed integrity in security threats related to IoT systems and CPS. The proposed technique aims to ensure the integrity of IoT information by linking information from IoT devices belonging to subgroups in distributed cloud environments to information from specific non-adjacent IoT devices and blockchain. This is because existing techniques rely on third-party organizations that the data owner can trust to verify the integrity of the data. The proposed technique identifies IoT information by connecting the paths of IoT pre- and subsequent blocks into block chains so that synchronization can be achieved between subgroups in distributed cloud environments. Furthermore, the proposed technique uses probabilistic similarity information between IoT information blocks to react flexibly to subgroups that constitute distributed clouds so that IoT information blocks are not exploited maliciously by third parties. As a result of performance evaluation, the proposed technique averaged 12.3% improvement in integrity processing time over existing techniques depending on blockchain size. 
Furthermore, the proposed technique has to hash the IoT information that constitutes a subgroup with probability-linked information, validating the integrity of large-capacity IoT information, resulting in an average of 8.8% lower overhead than existing techniques. In addition, the proposed technique has an average improvement of 14.3% in blockchain-based integrity verification accuracy over existing techniques, depending on the hash chain length.


Author(s):  
Shuyuan Mary Ho ◽  
Mike Burmester

Any device can now connect to the Internet, and Raspberry Pi is one of the more popular applications, enabling single-board computers to make robotics, devices, and appliances part of the Internet of Things (IoT). The low cost and customizability of Raspberry Pi makes it easily adopted and widespread. Unfortunately, the unprotected Raspberry Pi device—when connected to the Internet—also paves the way for cyber-attacks. Our ability to investigate, collect, and validate digital forensic evidence with confidence using Raspberry Pi has become important. This article discusses and presents techniques and methodologies for the investigation of timestamp variations between different Raspberry Pi ext4 filesystems (Raspbian vs. UbuntuMATE), comparing forensic evidence with that of other ext4 filesystems (i.e., Ubuntu), based on interactions within a private cloud, as well as a public cloud. Sixteen observational principles of file operations were documented to assist in our understanding of Raspberry Pi’s behavior in the cloud environments. This study contributes to IoT forensics for law enforcement in cybercrime investigations.


2019 ◽  
Vol 25 (3) ◽  
pp. 500-513
Author(s):  
P.V. Revenkov ◽  
