Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

2020
Author(s): Kennedy Torkura

Most cyber-attacks and data breaches in cloud infrastructure are due to human errors and misconfiguration vulnerabilities. Cloud customer-centric tools are lacking, and existing security models do not efficiently tackle these security challenges. Novel security mechanisms are imperative, therefore, we propose Risk-driven Fault Injection (RDFI) techniques to tackle these challenges. RDFI applies the principles of chaos engineering to cloud security and leverages feedback loops to execute, monitor, analyze and plan security fault injection campaigns, based on a knowledge-base. The knowledge-base consists of fault models designed from cloud security best practices and observations derived during iterative fault injection campaigns. Furthermore, the observations indicate security weaknesses and verify the correctness of security attributes (integrity, confidentiality and availability) and security controls. Ultimately this knowledge is critical in guiding security hardening efforts and risk analysis. We have designed and implemented the RDFI strategies including various chaos algorithms as a software tool: CloudStrike. Furthermore, CloudStrike has been evaluated against infrastructure deployed on two major public cloud systems: Amazon Web Service and Google Cloud Platform. The time performance linearly increases, proportional to increasing attack rates. Similarly, CPU and memory consumption rates are acceptable. Also, the analysis of vulnerabilities detected via security fault injection has been used to harden the security of cloud resources to demonstrate the value of CloudStrike. Therefore, we opine that our approaches are suitable for overcoming contemporary cloud security issues.


2020
Author(s): Kennedy Torkura, Muhammad I.H. Sukmana, Feng Cheng, Christoph Meinel

Efficient change control and configuration management is imperative for addressing the emerging security threats in cloud infrastructure. These threats majorly exploit misconfiguration vulnerabilities e.g. excessive permissions, disabled logging features and publicly accessible cloud storage buckets. Traditional security tools and mechanisms are unable to effectively and continuously track changes in cloud infrastructure owing to transience and unpredictability of cloud events. Therefore, novel tools that are proactive, agile and continuous are imperative. This paper proposes CSBAuditor, a novel cloud security system that continuously monitors cloud infrastructure, to detect malicious activities and unauthorized changes. CSBAuditor leverages two concepts: state transition analysis and reconciler pattern to overcome the aforementioned security issues. Furthermore, security metrics are used to compute severity scores for detected vulnerabilities using a novel scoring system: Cloud Security Scoring System. CSBAuditor has been evaluated using various strategies including security chaos engineering fault injection strategies on Amazon Web Services (AWS) and Google Cloud Platform (GCP). CSBAuditor effectively detects misconfigurations in real-time with a detection rate of over 98%. Also, the performance overhead is within acceptable limits.


2021, Vol 14 (4), pp. 448-461
Author(s): Mohammad Mehrtak, SeyedAhmad SeyedAlinaghi, Mehrzad MohsseniPour, Tayebeh Noori, ...

Cloud computing is among the most beneficial solutions to digital problems. Security is one of the focal issues in cloud computing technology, and this study aims at investigating security issues of cloud computing and their probable solutions. A systematic review was performed using Scopus, Pubmed, Science Direct, and Web of Science databases. Once the title and abstract were evaluated, the quality of studies was assessed in order to choose the most relevant according to exclusion and inclusion criteria. Then, the full texts of studies selected were read thoroughly to extract the necessary results. According to the review, data security, availability, and integrity, as well as information confidentiality and network security, were the major challenges in cloud security. Further, data encryption, authentication, and classification, besides application programming interfaces (API), were security solutions to cloud infrastructure. Data encryption could be applied to store and retrieve data from the cloud in order to provide secure communication. Besides, several central challenges, which make the cloud security engineering process problematic, have been considered in this study.


2018, Vol 7 (2.8), pp. 243
Author(s): Nooreen Fatima Khan, M Mohan

Cloud computing is growing in terms of users, infrastructure and services, and security issues such as cyber attacks are increasing day by day. The security community needs a better mechanism to learn about attacks, one which can provide an improved response against these security issues in the cloud. Current defences, security solutions and security equipment do not cover two or all three of the security concepts, which are prevention, detection and response. A honeypot security resource can be used to add value to the cloud security community; it can cover all three security concepts if implemented intelligently. In this project a high-interaction self-acting spontaneous honeypot, abbreviated as SAS HP, which can dynamically change its behavior after learning from an attacker, is proposed, and its architecture is given, which can be deployed in the cloud environment for the analysis of attack patterns and to secure cloud systems. Also, the concept of how instances of this honeypot can be made available as a service to the customer and how this SAS HP can be deployed within the cloud is given in this report. The aim is to develop a working prototype of the proposed system in a cloud environment.


Author(s): Priyanka K, Priya R

Cloud computing services are the most important services for many organizations. Service providers must ensure that their security and protection techniques guarantee the protection of client data. There are some cloud security guidelines supporting cloud data security that need to be followed by vendors. Despite this, vendors are facing a mess of security and protection controls, which eventually leads to confusion among consumers concerning the safety efforts and whether their measures satisfy the security measures. An inclusive report surveying the risk and security issues faced by cloud consumers has been depicted to control the hazards. In light of this investigation, an ontology describing the cloud security controls, threats and compliances is framed. A web-based cloud application is designed to recommend cloud security policies from the ontology, such that it also helps existing cloud providers. Consumers can also plan security strategies by utilizing the web application that describes the ontology.


2021
Author(s): Ali T. Atieh

A robust and secure IT infrastructure ensures reliable security, high speeds and connectivity, employee support and accessibility, and a positive user experience for clients. It is hard to manage a modern firm without a secure and adaptable IT infrastructure. Technology, when properly set up and networked, can improve back-office processes, increase efficiency, and simplify communication. This research explores how an organization can assure the optimum level of infrastructure security in three domains: network infrastructure security, physical infrastructure security, and cloud infrastructure security. Running a network infrastructure model comes with a variety of difficulties. The findings suggest that there are a few recommendations for assuring the right security level for the network infrastructure, including: conducting a network security assessment, keeping user access privileges to a bare minimum for work, updating programs, investigating cybersecurity tools and increasing cyber-awareness. Physical infrastructure security is also crucial. We divided the dangers into the following categories and suggested appropriate measures: threats by environment, threats by technical infrastructure, threats by humans, inappropriate humidity and temperature, electrification, electromagnetic interference (EMI), and unauthorized physical access. Cloud security is necessitated by the widespread adoption of cloud technology, as well as an ever-increasing volume and sophistication of cyber attacks. To ensure the right level of cloud security, this research recommends taking some measures, including: Transit and Rest Protection, Asset Security, Securing User Management, Integration of Compliance and Security, Authentication and Identity, and Operational Safety and Security. While no amount of security will ever stop all attacks, organizations can significantly minimize the risk of suffering a breach and the fallout from such attacks by taking a few critical steps to secure the business's network, physical and cloud infrastructure.


Author(s): Sahar Alatawi, Areej Alhasani, Shahad Alfaidi, Moudi Albalawi, Saad M Almutairi

In this paper we attempt to address inter-host Docker container communication security issues by incorporating the latest approach provided by the Vault Hashicorp dynamic secret mechanism for managing SSH keys and server credentials. A simulation environment is prepared for inter-host container communication, consisting of one host running locally and the peer host running as an AWS EC2 instance in the cloud. The industry-standard monitoring tool Grafana is used in the simulation environment to highlight the security impacts for any organization. We also draw special attention to some of the security vulnerabilities in Docker containers, such as ARP spoofing, integrity of the Docker host and containers, and MAC flooding attacks. We try to list some best practices to be followed when using Docker containers in any production deployment.

