Revisiting Cloud Security Threats: Repudiation Attack

Analysis of security threats and examining of existing mitigation techniques are considered as the major dimensions that need to be focused by next-generation cloud technology. These securities and privacy-based challenges are affecting most of the quality services and online data storage having huge network infrastructures and applications for information management. However, still the variant advantages are the success key of emerging cloud, but poses new security issues and reliability challenges for the users and their service applications. The main concern is an application-based cloud threats, which are not tracked properly and no user action logs are maintained for the evidences. This specially leads to the forging of identifications and manipulation in system actions. Nowadays the most common action observed by malicious attacker is to execute repudiation, where one of the parties involved in communication, denies that actually they have executed the particular conduct. Repudiation attack leads to the major legal actions on massive financial losses, which are not even legitimately proved due to the lack of evidences. Thus, the paper presents a broad indication of repudiation attack through analysis of prior security issues in a cloud environment. Wide-ranging reviews on the same have been presented. The study has tried to figure out the root cause of repudiation attack in order to come up with more suitable and satisfactory counter measures. The study also focuses on a variety of dimensions for future research study in the domain of repudiation based on the previous published works and industry /organization reports.

Download Full-text

Analysis of Various Security Issues and Challenges in Cloud Computing Environment

Identity Theft ◽

10.4018/978-1-5225-0808-3.ch011 ◽

2016 ◽

pp. 221-247 ◽

Cited By ~ 11

Author(s):

Zhaolong Gou ◽

Shingo Yamaguchi ◽

B. B. Gupta

Keyword(s):

Cloud Computing ◽

Comparative Analysis ◽

Solution Space ◽

Future Research ◽

Security Threats ◽

Computing Environment ◽

Cloud Computing Environment ◽

Security Issues ◽

On Demand ◽

Recent Developments

Cloud computing is a system, where the resources of a data center are shared using virtualization technology, such that it provides elastic, on demand and instant services to its customers and charges them based on the resources they use. In this chapter, we will discuss recent developments in cloud computing, various security issues and challenges associated with Cloud computing environment, various existing solutions provided for dealing with these security threats and will provide a comparative analysis these approaches. This will provide better understanding of the various security problems associated with the cloud, current solution space, and future research scope to deal with such attacks in better way.

Download Full-text

Security Threats and Research Challenges of IoT - A Review

Journal of Engineering Advancements ◽

10.38032/jea.2020.04.008 ◽

2020 ◽

Vol 01 (04) ◽

pp. 170-182

Author(s):

A K M Bahalul Haque ◽

Sonia Tasmin

Keyword(s):

Future Research ◽

Security Threats ◽

Security Attacks ◽

Research Directions ◽

Smart Systems ◽

Security Issues ◽

Heterogeneous Devices ◽

Research Challenges ◽

Future Research Directions

Internet of things (IoT) is the epitome of sustainable development. It has facilitated the development of smart systems, industrialization, and the state-of-the-art quality of life. IoT architecture is one of the essential baselines of understanding the widespread adoption. Security issues are very crucial for any technical infrastructure. Since IoT comprises heterogeneous devices, its security issues are diverse too. Various security attacks can be responsible for compromising confidentiality, integrity, and availability. In this paper, at first, the IoT architecture is described briefly. After that, the components of IoT are explained with perspective to various IoT based applications and services. Finally, various security issues, including recommended solutions, are elaborately described and the potential research challenges and future research directions.

Download Full-text

Analysis of Various Security Issues and Challenges in Cloud Computing Environment

Handbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-0105-3.ch017 ◽

2016 ◽

pp. 393-419 ◽

Cited By ~ 14

Author(s):

Zhaolong Gou ◽

Shingo Yamaguchi ◽

B. B. Gupta

Keyword(s):

Cloud Computing ◽

Comparative Analysis ◽

Solution Space ◽

Future Research ◽

Security Threats ◽

Computing Environment ◽

Cloud Computing Environment ◽

Security Issues ◽

On Demand ◽

Recent Developments

Download Full-text

Android Malware Detection Techniques: A Literature Review

Recent Patents on Engineering ◽

10.2174/1872212114999200710143847 ◽

2020 ◽

Vol 14 ◽

Author(s):

Meghna Dhalaria ◽

Ekta Gandotra

Keyword(s):

Machine Learning ◽

Deep Learning ◽

Malware Detection ◽

Future Research ◽

Android Malware ◽

Detection Techniques ◽

Android Malware Detection ◽

Future Research Directions ◽

To Come ◽

Tools And Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

Download Full-text

National Concepts of Security and the Problem Of Integration in Transcaucasia

Iran and the Caucasus ◽

10.1163/157338406780345961 ◽

2006 ◽

Vol 10 (2) ◽

pp. 287-301

Author(s):

Anush Begoyan

Keyword(s):

Regional Integration ◽

Regional Cooperation ◽

Balance Of Power ◽

Regional Security ◽

Security Threats ◽

Regional Powers ◽

Security Issues ◽

State Security ◽

Joint Provision

AbstractThe article examines security issues of the Transcaucasian region with the focus on nonmilitary and trans-border security threats and a regional security community that also includes non-state security actors of the region, such as not-recognised autonomous entities, nations, ethnic groups, minorities, etc.This approach to regional security shifts the focus of policies from balance of power to closer regional integration and cooperation, as well as joint provision of regional security. Despite many objectives and existing obstacles to this scenario of regional development, the author sees it to be the only way toward a stable and long-term security in the region. The article argues that closer regional cooperation and integration would allow to accommodate interests and security concerns of non-state actors of the region and would bring the fate of regional issues back in the hands of the regional powers and create bases for sustainable and lasting peace in the region.

Download Full-text

Literature Mapper: A QGIS Plugin for Georeferencing Citations in Zotero

Air Soil and Water Research ◽

10.1177/11786221211009209 ◽

2021 ◽

Vol 14 ◽

pp. 117862212110092

Author(s):

Michele M Tobias ◽

Alex I Mandel

Keyword(s):

Data Storage ◽

Spatial Data ◽

Future Research ◽

Web Mapping ◽

Web Map ◽

Public Sharing ◽

Academic Publications ◽

Spatial Coordinates ◽

Study Sites ◽

Soil And Water

Many studies in air, soil, and water research involve observations and sampling of a specific location. Knowing where studies have been previously undertaken can be a valuable addition to future research, including understanding the geographical context of previously published literature and selecting future study sites. Here, we introduce Literature Mapper, a Python QGIS plugin that provides a method for creating a spatial bibliography manager as well as a specification for storing spatial data in a bibliography manager. Literature Mapper uses QGIS’ spatial capabilities to allow users to digitize and add location information to a Zotero library, a free and open-source bibliography manager on basemaps or other geographic data of the user’s choice. Literature Mapper enhances the citations in a user’s online Zotero database with geo-locations by storing spatial coordinates as part of traditional citation entries. Literature Mapper receives data from and sends data to the user’s online database via Zotero’s web API. Using Zotero as the backend data storage, Literature Mapper benefits from all of its features including shared citation Collections, public sharing, and an open web API usable by additional applications, such as web mapping libraries. To evaluate Literature Mapper’s ability to provide insights into the spatial distribution of published literature, we provide a case study using the tool to map the study sites described in academic publications related to the biogeomorphology of California’s coastal strand vegetation, a line of research in which air movement, soil, and water are all driving factors. The results of this exercise are presented in static and web map form. The source code for Literature Mapper is available in the corresponding author’s GitHub repository: https://github.com/MicheleTobias/LiteratureMapper

Download Full-text

Multicast-specific security threats and counter-measures

Proceedings of the Symposium on Network and Distributed System Security ◽

10.1109/ndss.1995.390649 ◽

2002 ◽

Cited By ~ 42

Author(s):

T. Ballardie ◽

J. Crowcroft

Keyword(s):

Security Threats ◽

Counter Measures

Download Full-text

Centralized, Distributed, and Everything in between

ACM Computing Surveys ◽

10.1145/3465170 ◽

2022 ◽

Vol 54 (7) ◽

pp. 1-34

Author(s):

Sophie Dramé-Maigné ◽

Maryline Laurent ◽

Laurent Castillo ◽

Hervé Ganem

Keyword(s):

Access Control ◽

Future Research ◽

The Internet ◽

Research Directions ◽

Security Issues ◽

Security Properties ◽

Future Research Directions ◽

Iot Devices ◽

The Internet Of Things ◽

Security Of Iot

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.

Download Full-text

A Composite Framework for Behavioral Compliance with Information Security Policies

Journal of Organizational and End User Computing ◽

10.4018/joeuc.2013070103 ◽

2013 ◽

Vol 25 (3) ◽

pp. 32-51 ◽

Cited By ~ 9

Author(s):

Salvatore Aurigemma

Keyword(s):

Information Security ◽

Theory Of Planned Behavior ◽

Theoretical Framework ◽

Composite Model ◽

Security Policies ◽

Future Research ◽

Security Threats ◽

Behavioral Compliance ◽

Weakest Link ◽

Organizational Information

To combat potential security threats, organizations rely upon information security policies to guide employee actions. Unfortunately, employee violations of such policies are common and costly enough that users are often considered the weakest link in information security. This paper presents a composite theoretical framework for understanding employee behavioral compliance with organizational information security policies. Building off of the theory of planned behavior, a composite model is presented that incorporates the strengths of previous studies while minimizing theoretical gaps present in other behavioral compliance models. In building the framework, related operational constructs are examined and normalized to allow better comparison of past studies and help focus future research efforts.

Download Full-text

Multilevel classification of security threats in cloud computing

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.5.9157 ◽

2017 ◽

Vol 7 (1.5) ◽

pp. 253

Author(s):

N. Srinivasu ◽

O. Sree Priyanka ◽

M. Prudhvi ◽

G. Meghana

Keyword(s):

Cloud Computing ◽

Web Application ◽

Service Level Agreement ◽

Service Level ◽

Security Threats ◽

Security Threat ◽

Security Issues ◽

Network Applications ◽

Storage Network ◽

Multilevel Classification

Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption[12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.

Download Full-text