Authors: Rob Hegarty; John Haggerty
Addresses: School of Computing, Mathematics and Digital Technology, Manchester Metropolitan University, Chester Street, Manchester, M1 5GD, UK ' School of Science and Technology, Nottingham Trent University, Clifton Campus, Nottingham, NG11 8NS, UK
Abstract: Cloud-based architectures have become the predominant paradigm for organisational infrastructure development due to the flexibility and scalability that these systems provide. However, issues around privacy and trust in such environments remain as has been demonstrated in recent attacks. There are two security challenges for cloud providers to resolve. First, they must ensure that only authorised downloads of potentially sensitive data can be made and they should have a means by which to detect any malicious activities. Second, any files that are uploaded to cloud providers must adhere to geographical legalities. Current security mechanisms employed in the cloud, such as firewalls and intrusion detection systems, find these issues problematic. This paper therefore presents a novel approach, XDet, for the extrusion detection of illegal files being maliciously uploaded to or downloaded from the cloud, which can be used in conjunction with other security countermeasures to ensure robust and secure cloud systems. This is achieved through the creation and detection of signatures from files of interest within the cloud network environment. The feasibility and performance study in this paper, whereby XDet has been applied to network traffic to detect files of interest, demonstrates the applicability of this approach.
Keywords: cloud security; privacy; trust; extrusion detection; illegal files; cloud computing.
International Journal of Space-Based and Situated Computing, 2015 Vol.5 No.3, pp.150 - 158
Received: 20 Sep 2014
Accepted: 07 May 2015
Published online: 31 Jul 2015 *