Cloud Security: Challenges and Future Scope

Priyanka Vashisht; Shalini Bhaskar Bajaj; Aman Jatain; Ashima Narang

doi:10.55524/ijirem.2023.10.3.8

Abstract

Now Cloud computing becomes so much popular coz satisfying business needs efficiently. Cloud features provide best lead to organizations to effectively access data and services with less cost over the internet. This also raise issues related with cloud security. This paper presents brief information regarding cloud computing security challenges. This information includes security mechanisms that should be consider for Cloud Service Models. This Work also focus on detail knowledge of security issues, threats which may use by attacker. It also explains cloud components levels threats and attack so more secure mechanism can identified for each component. This Paper introduced classification of Cloud security areas issues to develop secure Cloud Security services in future.

Keywords

Cloud Computing, Cloud Security, Threats, Security issues, Data protection, Attacks

Reference

[1] Subramanian N, Jeyaraj A. (2018). Recent security challenges in cloud computing. Comput Electr Eng 71:28–42. Available: https://doi.org/10.1016/j.compeleceng.2018.06.006

[2] Shi B, Cui L, Li B, Liu X, Hao Z, Shen H. (2018). Shadow monitor: an effective in-VM monitoring framework with hardware-enforced isolation. In: International Symposium on Research in Attacks, Intrusions, and Defenses. Springer, Berlin, pp 670–690. Available: https://doi.org/10.1007/978-3-030-00470-5_31

[3] Bhamare D, Samaka M, Erbad A, Jain R, Gupta L, Chan HA. (2017). Optimal virtual network function placement in multi-cloud service function chaining architecture. Comput Commun 102:1–16. Available: https://doi.org/10.1016/j.comcom.2017.02.011

[4] Deka GC, Das PK. (2018). Application of virtualization technology in IaaS cloud deployment model. In: Design and Use of Virtualization Technology in Cloud Computing: IGI Global, pp 29–99. Available: 10.4018/978-1-5225-2785-5.CH002

[5] Oracle.com. (2018). The Oracle and KPMG Cloud Threat Report 2018 | Oracle (online). Available: https ://www.oracl e.com/cloud /cloud -threa t-repor t.html. Accessed 11 Dec 2018

[6] Roman R, Lopez J, Mambo M. (2018). Mobile edge computing, fog et al.: a survey and analysis of security threats and challenges. Future Gener Comput Syst. 78:680–698. Available: https://doi.org/10.1016/j.future.2016.11.009

[7] Sgandurra D, Lupu E. (2016). Evolution of attacks, threat models, and solutions for virtualized systems. ACM Comput Surv. 48(3):1–38. Available: https://doi.org/10.1145/2856126

[8] Kumar PR, Raj PH, Jelciana P. (2018). Exploring data security issues and solutions in cloud computing. Proc Comput Sci. 125:691–697. Available: https://doi.org/10.1016/j.procs.2017.12.089

[9] Marwane Zekri, Said El Kafhali, Noureddine Aboutabit, and Youssef Saadi. (2017). DDoS Attack Detection using Machine Learning Techniques in Cloud Computing Environments. 3rd International Conference of Cloud Computing Technologies and Applications. Available: 10.1109/CloudTech.2017.8284731

[10] MGM Mehedi Hasan and Mohammad Ashiqur Rahman. (2017). Protection by Detection: A Signaling Game Approach to Mitigate Co-Resident Attacks in Cloud. IEEE 10th International Conference on Cloud Computing. Available: 10.1109/CLOUD.2017.76

[11] Himadri Shekhar Mondal, Md. Tariq Hasan, Md. Bellal Hossain, Md. Ekhlasur Rahaman and Rabita Hasan, 2017. Enhancing Secure Cloud Computing Environment by Detecting DDoS Attack Using Fuzzy Logic. 3rd International Conference on Electrical Information and Communication Technology (EICT). Available: 10.1109/EICT.2017.8275211.

[12] Mohit P, Biswas G. (2017). Confidentiality and storage of data in cloud environment. In: Proceedings of the 5th International Conference on Frontiers in Intelligent Computing: Theory and Applications. Springer, Berlin. pp 289–295. Available: https://doi.org/10.1007/978-981-10-3156-4_29

[13] Somani G, Gaur MS, Sanghi D, Conti M, Buyya R. (2017). DDoS attacks in cloud computing: issues, taxonomy, and future directions. Comput Commun 107:30–48. Available: 10.1016/j.comcom.2017.03.010

[14] Sehgal NK, Bhatt PCP. (2018). Cloud computing concepts and practics. Springer. Available: https://doi.org/10.1007/978-3-319-77839-6

[15] Butun I, Erol-Kantarci M, Kantarci B, Song H. (2016). Cloud-centric multi-level authentication as a service for secure public safety device networks. IEEE Commun Mag. 54(4):47–53. Available: 10.1109/MCOM.2016.7452265.

[16] Zhang Y, Chen X, Li J, Wong DS, Li H, You I. (2017). Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci. 379:42–61. Available: https://doi.org/10.1016/j.ins.2016.04.015

[17] Mishra P, Pilli ES, Varadharajan V, Tupakula U. (2017). Intrusion detection techniques in cloud environment:a survey. J Netw Comput Appl. 77:18–47. Available: https://doi.org/10.1016/j.jnca.2016.10.015

[18] Kohnfelder L, Garg P. (1999). The threats to our products. Microsoft Interface, Microsoft Corporation,New York. p 33. Available: Microsoft Defender for Endpoint News and Insights | Microsoft Security Blog

[19] Tounsi W, Rais HJC. (2018). A survey on technical threat intelligence in the age of sophisticated cyber attacks. Comput Secur. 72:212–233. Available: https://doi.org/10.1016/j.cose.2017.09.001

[20] Meinig M, Sukmana MI, Torkura KA, Meinel CJPCS. (2019). Holistic strategy-based threat model for organizations. Proc Comput Sci. 151:100–107. Available: https://doi.org/10.1016/j.procs.2019.04.017

[21] Mokhtar B, Azab MJAEJ. (2015). Survey on security issues in vehicular ad hoc networks. Alex Eng J.54(4):1115–1126. Available: https://doi.org/10.1016/j.aej.2015.07.011

[22] Tan Y, Wu F, Wu Q, Liao XJTJOS. (2019). Resource stealing: a resource multiplexing method for

mix workloads in cloud system. J Supercomput. 75(1):33–49. Available: https://doi.org/10.1007/s11227-015-1609-3

[23] Hong JB, Nhlabatsi A, Kim DS, Hussein A, Fetais N, Khan KMJCN. (2019). Systematic identification of threats in the cloud: a survey. Comput Netw. 150:46–69. Available:

[24] Rai S, Sharma K, Dhakal D. (2019). A survey on detection and mitigation of distributed denial-of service attack in named data networking. In: Sarma H, Borah S, Dutta N (eds) Advances in communication, cloud, and big data. Lecture notes in networks and systems, vol 31. Springer, Singapore. Available: http://dx.doi.org/10.1007/978-981-10-8911-4_18

[25] Eldewahi AE, Hassan A, Elbadawi K, Barry BI. (2018). The analysis of MATE attack in SDN based on STRIDE model. In: Proceedings of the International Conference on Emerging Internetworking, Data and Web Technologies, pp 901–910. Available: https://doi.org/10.1007/978-3-319-75928-9_83

[26] Alsmadi I. (2019). Incident response. In: The NICE Cyber Security Framework. pp 331–346. Available: https://doi.org/10.1007/978-3-030-02360-7_13

[27] Wu M, Moon YB. (2017). Taxonomy of cross-domain attacks on cyber manufacturing system. Proc Comput Sci. 114:367–374. Available: https://doi.org/10.1016/j.procs.2017.09.050

[28] Murugan K, Suresh P. (2018). Efficient anomaly intrusion detection using hybrid probabilistic techniques in wireless ad hoc network. Int J Netw Secur. 20(4):730–737. Available: 10.6633/IJNS.201807 20(4).15

[29] Ghose N, Lazos L, Li M. (2018). Secure device bootstrapping without secrets resistant to signal

manipulation attacks. In: Proceedings of the IEEE Symposium on Security and Privacy (SP). Pp 819–835. Available: 10.1109/SP.2018.00055

[30] Zhang X, Zhang Y, Mo Q, Xia H, Yang Z, Yang M, Wang X, Lunand L, Duan H. (2018). An empirical study of web resource manipulation in real-world mobile applications. In: Proceedings of the 27th Security Symposium (Security 18). pp 1183–1198. Available: https://dl.acm.org/doi/10.5555/3277203.3277291

[31] Coppolino L, D’Antonio S, Mazzeo G, Romano L. (2017). Cloud security: emerging threats and current solutions. Comput Electr Eng. 59:126–140. Available: https://doi.org/10.1016/j.compeleceng.2016.03.004

Cites this article as

[Priyanka Vashisht, Shalini Bhaskar Bajaj, Aman Jatain, Ashima Narang (2023), Cloud Security: Challenges and Future Scope, International Journal of Innovative Research in Engineering & Management (IJIREM), Vol-10, Issue-3, Page No-44-48], (ISSN 2347 - 5552). www.ijirem.org

Corresponding Author

Priyanka Vashisht

Associate Professor, Department of Computer Science and Engineering, Amity School of Engineering and Technology, Amity University, Gurugram, Haryana, India