Resource Specific Security Implementation in Network and Cloud System
Abstract
Current Unified Threat Management (UTM) systems are limited to standard and specific security practices when evaluating risk in cloud and network subsystems. In this paper, we recommend dynamic security evaluation to counter live threats by analyzing the history of attacks and the vulnerability score. Our approach introduces a Smart Threat Alert admin (STA) into the UTM/firewall engine, which scans at regular intervals to discover the type, target and implications of attacks at all levels. This technique enhances the QUIRC structure, which captures the exact threats experienced in the system but fails to discuss the effects of the surrounding threats. This limitation is analyzed using the cyber security modeling language (CuSeMOL) on features such as vulnerability, probability, type and impact of dynamic attacks. Unlike threat-specific and static asset risk evaluation systems, the proposed STA technique analyzes internet ports, internet protocol addresses, hostnames and other auxiliary port services to provide countermeasures for the security aspects of cloud assets. The proposed setup was implemented at a university data center firewall with suitable experiments and received satisfying results.
This work is licensed under a Creative Commons Attribution 4.0 International License.