On cloud security attacks: A taxonomy and intrusion detection and prevention as a service

Journal of Network and Computer Applications - Tập 74 - Trang 98-120 - 2016
Salman Iqbal1, Miss Laiha Mat Kiah1, Babak Dhaghighi1, Muzammil Hussain1, Suleman Khan1, Muhammad Khurram Khan2, Kim-Kwang Raymond Choo3,4,5
1Faculty of Computer Science and Information Technology, University of Malaya, Kuala Lumpur, 50603, Malaysia
2Centerof Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia
3Department of Information Systems and Cyber Security, University of Texas at San Antonio, USA
4School of Information Technology & Mathematical Sciences, University of South Australia
5School of Computer Science, China University of Geosciences, Wuhan, China

Tài liệu tham khảo

Ab Rahman, 2015, A survey of information security incident handling in the cloud, Comput. Secur., 49, 45, 10.1016/j.cose.2014.11.006 Alizadeh, 2015, Authentication in mobile cloud computing: a survey, J. Netw. Comput. Appl. Almomani, 2013, A survey of phishing email filtering techniques, Commun. Surv. Tutor. IEEE, 15, 2070, 10.1109/SURV.2013.030713.00020 Alqahtani, S.M., Balushi, M.A. and John, R., 2014. An intelligent intrusion detection system for cloud computing (SIDSCC). In: Proceedings of the 2014 International Conference on Computational Science and Computational Intelligence (CSCI), IEEE. Alqahtani, S.M., Balushi, M.A. John, R., 2014. An intelligent intrusion prevention system for cloud computing (SIPSCC). In: Proceedings of the 2014 International Conference on Computational Science and Computational Intelligence (CSCI), IEEE. AlZain, M.A., Soh, B., Pardede, E., 2011. MCDB: Using Multi-clouds to Ensure Security in Cloud Computing. In: Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC), IEEE. Anitha, E., Malliga, S., 2013. A packet marking approach to protect cloud environment against DDoS attacks. In: Proceedings of the 2013 International Conference on Information Communication and Embedded Systems (ICICES), IEEE. Araújo, 2012, Virtualization in intrusion detection systems: a study on different approaches for cloud computing environments, IJCSNS, 12, 10 Armbrust, 2010, A view of cloud computing, Commun. ACM, 53, 50, 10.1145/1721654.1721672 Arshad, 2011, An abstract model for integrated intrusion detection and severity analysis for clouds, Int. J. Cloud Appl. Comput. (IJCAC), 1, 1 Ayodele, T. and Adeegbe, D., 2013. Cloud based emails boundaries and vulnerabilities. In: Proceedings of the Science and Information Conference (SAI), 2013. IEEE. Azeez, A., et al., 2010 Multi-tenant SOA middleware for cloud computing. In: Proceedings of the Cloud Computing (Cloud), 2010 IEEE 3rd International Conference on, 2010. IEEE. Bakshi, A., Yogesh, B., 2010. Securing cloud from ddos attacks using intrusion detection system in virtual machine. In: Proceedings of the Communication Software and Networks, 2010. ICCSN'10. Second International Conference on, 2010. IEEE. Barron, C., H., Yu, Zhan, J., 2012. Cloud computing security case studies and research. In: Proceedings of the World Congress on Engineering. 2013. Bhadauria, R., et al., 2011. A survey on security issues in cloud computing. arXiv preprint arXiv:1109.5388, 2011. Bhadauria, R., Sanyal, S., 2012. Survey on security issues in cloud computing and associated mitigation techniques. arXiv preprint arXiv:1204.0764, 2012. Bharadwaja, S., et al., 2011. Collabra: a xen hypervisor based collaborative intrusion detection system. In: Proceedings of the Information Technology: New Generations (ITNG), 2011 Eighth International Conference on, 2011. IEEE. Bouayad, A., et al., 2012. Cloud computing: security challenges. In: Proceedings of the Information Science and Technology (CIST), 2012 Colloquium in. 2012. IEEE. Bradai, A., Afifi, H., Enforcing trust-based intrusion detection in cloud computing using algebraic methods. In: Proceedings of the Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2012 International Conference on. 2012. IEEE. Brunette, 2009, Security guidance for critical areas of focus in cloud computing v2.1, Cloud Secur. Alliance, 1 Bryan Williams, 2010 Chen, 2013, Cloud computing-based forensic analysis for collaborative network security management system, Tsinghua Sci. Technol., 18, 40, 10.1109/TST.2013.6449406 Chen, Q., et al., 2011. CBF: A packet filtering method for DDoS attack defense in cloud environment. In: Proceedings of the Dependable, Autonomic and Secure Computing (DASC), 2011 IEEE Ninth International Conference on, 2011. IEEE. Chonka, A., Abawajy, J., 2012. Detecting and mitigating HX-DoS attacks against cloud web services. In: Proceedings of the Network-Based Information Systems (NBiS), 2012 15th International Conference on, 2012. IEEE. Chung, 2013, NICE: Network intrusion detection and countermeasure selection in virtual network systems, IEEE Trans. Dependable Secur. Comput., 1 Corporation, P.S., 2008. SaaS Security and privacy. Council, S.-a.-a.-S.E., 2006. Software-as-a-Service; A Comprehensive Look at the Total Cost of Ownership of Software Applications. Dastjerdi, A.V., Bakar, K.A., Tabatabaei, S.G.H., 2009. Distributed intrusion detection in clouds using mobile agents. In: Proceedings of the Advanced Engineering Computing and Applications in Sciences, 2009. ADVCOMP'09. Third International Conference on, 2009. IEEE. Dawoud, W., TakounaI., I., Meinel, C., 2010. Infrastructure as a service security: Challenges and, solutions. In: Proceedings of the Informatics and Systems (INFOS), 2010 The 7th International Conference on. 2010. IEEE. Dinesha, H., Agrawal, V., 2012. Multi-level authentication technique for accessing cloud services. In: Proceedings of the Computing, Communication and Applications (ICCCA), 2012 International Conference on, 2012. IEEE. Ding, B., et al., 2012. Return-oriented programming attack on the Xen hypervisor. In: Proceedings of the Availability, Reliability and Security (ARES), 2012 Seventh International Conference on, 2012. IEEE. Duncan, A., et al., 2013. Cloud Computing: Insider Attacks on Virtual Machines during Migration. In: Proceedings of the Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, 2013. IEEE. Duncan, A.J., Creese, S., Goldsmith, M., 2012. Insider attacks in cloud computing. In: Proceedings of the Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on. 2012. IEEE. Ferguson, E., Weber, J., Hasan, R., 2012. Cloud based content fetching: Using cloud infrastructure to obfuscate phishing scam analysis. In: Proceedings of the Services (SERVICES), 2012 IEEE Eighth World Congress on. 2012. IEEE. FireHost, 2012. Cross-Site Scripting Attacks Up 160% in Final Quarter of 2012; Available from: 〈http://www.firehost.com/company/newsroom/web-application-attack-report-fourth-quarter-2012〉. Gani, 2014, A review on interworking and mobility techniques for seamless connectivity in mobile cloud computing, J. Netw. Comput. Appl., 43, 84, 10.1016/j.jnca.2014.04.009 Garfinkel, 2003, Terra: A Virtual Machine-based Platform For Trusted Computing Garg, S., Saran, H., 2008. Anti-DDoS Virtualized Operating System. In: Proceedings of the Availability, Reliability and Security, 2008. ARES 08. Third International Conference on, 2008. IEEE. Godfrey, M. and Zulkernine, M., 2013. A Server-Side Solution to Cache-Based Side-Channel Attacks in the Cloud. In: Proceedings of the Cloud Computing (CLOUD), 2013 IEEE Sixth International Conference on, 2013. IEEE. Grispos, G., Glisson, W.B., Storer T., 2013. Cloud security challenges: Investigating policies, standards, and guidelines in a fortune 500 organization. arXiv preprint arXiv:1306.2477, 2013. Guan, Y. and Bao, J., 2009. A CP intrusion detection strategy on cloud computing. In: Proceedings of the 2009 International Symposium on Web Information Systems and Applications (WISA’09). 2009. Gupta, S., et al., 2012. A fingerprinting system calls approach for intrusion detection in a cloud environment. In: CASoN. Hamad, 2012, Managing intrusion detection as a service in cloud networks, Int. J. Comput. Appl., 41, 35 Hamdi, M., 2012. Security of cloud computing, storage, and networking. In: Proceedings of the Collaboration Technologies and Systems (CTS), 2012 International Conference on, 2012. IEEE. Harnik, 2010, Side channels in cloud services: deduplication in cloud storage, Secur. Priv. IEEE, 8, 40, 10.1109/MSP.2010.187 Houmansadr, A., Zonouz, S.A., Berthier, R., 2011. A cloud-based intrusion detection and response system for mobile phones. In: Proceedings of the Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on, 2011. IEEE. Ibrahim, A.S., et al., 2011. Cloudsec: a security monitoring appliance for virtual machines in the iaas cloud model. In: Proceedings of the Network and System Security (NSS), 2011 5th International Conference on. 2011. IEEE. Jensen, M., et al., 2009. On technical security issues in cloud computing. In: Proceedings of the Cloud Computing, 2009. CLOUD'09. IEEE International Conference on, 2009. IEEE. Jia, 2011, The research and design of intelligent IPS model based on dynamic cloud firewall linkage, Int. J. Digit. Content Technol. Appl., 5, 304, 10.4156/jdcta.vol5.issue3.30 Juliadotter, N.V., Choo, K.-K.R., Chapter 3 - CATRA: Conceptual cloud attack taxonomy and risk assessment framework, in The Cloud Security Ecosystem. 2015, Syngress: Boston. pp. 37–81. Kang, L., Zhang, X., 2010. Identity-based authentication in cloud storage sharing. In: Proceedings of the Multimedia Information Networking and Security (MINES), 2010 International Conference on, 2010. IEEE. Karnwal, 2013, A Filter tree approach to protect cloud computing against XML DDoS and HTTP DDoS attack, 459 Katkamwar, 2012, Securing cloud servers against flooding based DDoS attacks, Int. J. Appl. Innov. Eng. Manag. (IJAIEM), 1, 50 Khan, 2014, A comprehensive review on adaptability of network forensics frameworks for mobile cloud computing, Sci. World J., 10.1155/2014/547062 Khan, 2016, Network forensics: review, taxonomy, and open challenges, J. Netw. Comput. Appl., 66, 214, 10.1016/j.jnca.2016.03.005 Khan, 2016, Cloud log forensics: foundations, state of the art, and future directions, ACM Comput. Surv. (CSUR), 49, 7, 10.1145/2906149 Khan, S., et al. Forensic challenges in mobile cloud computing. In: Proceedings of the Computer, Communications, and Control Technology (I4CT), 2014 International Conference on. 2014. IEEE. Khan, S., et al., 2015. SIDNFF: Source identification network forensics framework for cloud computing. In: Proceedings of the Consumer Electronics-Taiwan (ICCE-TW), 2015 IEEE International Conference on, 2015. IEEE. Khonji, 2013, Phishing detection: a literature survey, Commun. Surv. Tutor. IEEE, 15, 2091, 10.1109/SURV.2013.032213.00009 Khorshed, M.T., Ali, A.S. Wasimi, S.A., 2011. Monitoring insiders activities in cloud computing using rule based learning. In: Proceedings of the Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on. 2011. IEEE. Khune, R., Thangakumar, J., 2012. A cloud-based intrusion detection system for Android smartphones. In: Proceedings of the International conference on radar, communication and computing, India. 2012. Kourai, K., Azumi, T., Chiba, S., 2012. A self-protection mechanism against stepping-stone attacks, for IaaS clouds. In: Proceedings of the Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), 2012 9th International Conference on. 2012. IEEE. Kwon, 2011, Self-similarity based lightweight intrusion detection method for cloud computing, 353 Lee, J.-H., et al., 2011. Multi-level intrusion detection system and log management in cloud computing. In: Proceedings of the Advanced Communication Technology (ICACT), 2011 13th International Conference on, 2011. IEEE. Li, T., et al., 2011. LARX: Large-scale anti-phishing by retrospective data-exploring based on a cloud computing platform. In: Proceedings of the Computer Communications and Networks (ICCCN), 2011 Proceedings of 20th International Conference on, 2011. IEEE. Lin, C.-H., et al., 2010. A detection scheme for flooding attack on application layer based on semantic concept. In: Proceedings of the Computer Symposium (ICS), 2010 International. 2010. IEEE. Lin, W. and Lee, D., 2012. Traceback Attacks in Cloud–Pebbletrace Botnet. In: Proceedings of the Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on. 2012. IEEE. Liu, 2015, Application partitioning algorithms in mobile cloud computing: taxonomy, review and future directions, J. Netw. Comput. Appl., 48, 99, 10.1016/j.jnca.2014.09.009 Liu, F., et al., 2009. The design and application of Xen-based host system firewall and its extension. In: Proceedings of the Electronic Computer Technology, 2009 International Conference on. 2009. IEEE. Lo, C.-C., Huang, C.-C., Ku., J. A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of the Parallel Processing Workshops (ICPPW), 2010 39th International Conference on. 2010. IEEE. Lomotey, R.K., Deters, R., 2013. SaaS Authentication Middleware for Mobile Consumers of IaaS Cloud. in Services (SERVICES), 203 IEEE Ninth World Congress on, 2013. IEEE. Manvi, 2014, Resource management for Infrastructure as a Service (IaaS) in cloud computing: a survey, J. Netw. Comput. Appl., 41, 424, 10.1016/j.jnca.2013.10.004 Mazzariello, C., Bifulco, R., Canonico, R., 2010. Integrating a network ids into an open source cloud computing environment. In: Proceedings of the Information Assurance and Security (IAS), 2010 Sixth International Conference on. 2010. IEEE. Meng, Y., Li, W., Kwok, L.-F., 2013. Design of cloud-based parallel exclusive signature matching model in intrusion detection. In: Proceedings of the High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing (HPCC_EUC), 2013 IEEE 10th International Conference on. 2013. IEEE. Modi, 2013, A survey on security issues and solutions at different layers of cloud computing, J. Supercomput., 63, 561, 10.1007/s11227-012-0831-5 Mohamed, H., et al., 2013. A collaborative intrusion detection and prevention system in cloud computing. In: Proceedings of the AFRICON, 2013. 2013. IEEE. Mundada, 2011, Silverline: data and network isolation for cloud services, Proc HotCloud Nasridinov, A., Byun, J.-Y., Park, Y.-H., 2012. UNWRAP: An approach on wrapping-attack tolerant SOAP messages. In: Proceedings of the Cloud and Green Computing (CGC), 2012 Second International Conference on. 2012. IEEE. Nepal, 2015, Trustworthy processing of healthcare big data in hybrid clouds, Cloud Comput. IEEE, 2, 78, 10.1109/MCC.2015.36 Nikolai, J., Wang, Y., 2014. Hypervisor-based cloud intrusion detection system. In: Proceedings of the Computing, Networking and Communications (ICNC), 2014 International Conference on. 2014. IEEE. Nkosi, L., Tarwireyi, P., Adigun, M.O., 2013. Detecting a malicious insider in the cloud environment using sequential rule mining. In: Proceedings of the Adaptive Science and Technology (ICAST), 2013 International Conference on. 2013. IEEE. Nkosi, L., Tarwireyi, P., Adigun, M.O., 2013. Insider threat detection model for the cloud. In: Proceedings of the Information Security for South Africa, 2013. IEEE. Oktay, U., Aydin, M.A., Sahingoz, O.K., 2013. A circular chain intrusion detection for cloud computing based on improved AdjointVM approach. In: Proceedings of the Computational Intelligence and Informatics (CINTI), 2013 IEEE 14th International Symposium on. 2013. IEEE. Oktay, U., Sahingoz, O., 2013. Proxy Network Intrusion Detection System for cloud computing. In: Proceedings of the Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), 2013 International Conference on. 2013. IEEE. Oliveira, D., et al., 2008. Bezoar: Automated virtual machine-based full-system recovery from control-flow hijacking attacks. In: Proceedings of the Network Operations and Management Symposium, 2008. NOMS 2008. IEEE. 2008. IEEE. Osanaiye, 2016, Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud ddos mitigation framework, J. Netw. Comput. Appl., 10.1016/j.jnca.2016.01.001 Oyama, Y., Hoshi, Y., 2011. A hypervisor for injecting scenario-based attack effects. In: Proceedings of the Computer Software and Applications Conference (COMPSAC), 2011 IEEE 35th Annual. 2011. IEEE. Patel, 2013, An intrusion detection and prevention system in cloud computing: a systematic review, J. Netw. Comput. Appl., 36, 25, 10.1016/j.jnca.2012.08.007 Potlapally, N.R., et al., 2007. Aiding side-channel attacks on cryptographic software with satisfiability-based analysis. Very Large Scale Integr (VLSI) Syst, IEEE Transactions on 15, 4, pp. 465–470. Prokhorenko, 2016, Web application protection techniques: a taxonomy, J. Netw. Comput. Appl., 60, 95, 10.1016/j.jnca.2015.11.017 Qaisar, 2012, Cloud computing: network/security threats and countermeasures, Interdiscip. J. Contemp. Res. Bus., 3, 1323 Qi, 2014, Sierpinski triangle based data center architecture in cloud computing, J. Supercomput., 69, 887, 10.1007/s11227-014-1187-9 Reuben, 2007 Revar, A.G., Bhavsar, M.D., 2011. Securing user authentication using single sign-on in Cloud Computing. In: Proceedings of the Engineering (NUiCONE), 2011 Nirma University International Conference on. 2011. IEEE. Ristenpart, T., et al., 2009. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the Proceedings of the 16th ACM conference on Computer and communications security. 2009. ACM. Rocha, F., Gross, T., van Moorsel, A., 2013. Defense-in-depth against malicious insiders in the cloud. In: Proceedings of the Cloud Engineering (IC2E), 2013 IEEE International Conference on. 2013. IEEE. Rodero-Merino, 2012, Building safe PaaS clouds: a survey on security in multitenant software platforms, Comput. Secur., 31, 96, 10.1016/j.cose.2011.10.006 Roschke, S., Cheng, F., Meinel, C., 2009. An extensible and virtualization-compatible IDS management architecture. In: Proceedings of the Information Assurance and Security, 2009. IAS'09. Fifth International Conference on. 2009. IEEE. S., Fiebig, et al., 2013. Detecting VM Live Migration using a Hybrid External Approach. In: CLOSER. 2013. Sabahi, F., 2011. Virtualization-level security in cloud computing. In: Proceedings of the Communication Software and Networks (ICCSN), 2011 IEEE 3rd International Conference on. 2011. IEEE. Sawesi, K.G.A., Saudi, M.M., Jali, M.Z., 2013. Designing a new E-Commerce authentication framework for a cloud-based environment. In: Proceedings of the Control and System Graduate Research Colloquium (ICSGRC), 2013 IEEE 4th. IEEE. Saxena, A., et al., 2013. Detecting SOQL-injection vulnerabilities in sales force applications. In: Proceedings of the Advances in Computing, Communications and Informatics (ICACCI), 2013 International Conference on. 2013. IEEE. Scarfone, 2011 Shaikh, 2015, Trust model for measuring security strength of cloud computing service, Procedia Comput. Sci., 45, 380, 10.1016/j.procs.2015.03.165 Shameli-Sendi, 2015, Taxonomy of distributed denial of service mitigation approaches for cloud computing, J. Netw. Comput. Appl., 58, 165, 10.1016/j.jnca.2015.09.005 Shea, R., Liu, J., 2012. Understanding the impact of denial of service attacks on virtual machines. In: Proceedings of the 2012 IEEE 20th International Workshop on Quality of Service 2012 IEEE Press. Shi, J., et al., 2011. Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring. In: Proceedings of the Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on. 2011. IEEE. Shiraz, 2015, A study on the critical analysis of computational offloading frameworks for mobile cloud computing, J. Netw. Comput. Appl., 47, 47, 10.1016/j.jnca.2014.08.011 Simou, 2014, Cloud forensics: identifying the major issues and challenges Stefanov, E., Shi, E., 2013. Oblivistore: high performance oblivious cloud storage. In: Proceedings of the Security and Privacy (SP), 2013 IEEE Symposium on. 2013. IEEE. Subashini, 2011, A survey on security issues in service delivery models of cloud computing, J. Netw. Comput. Appl., 34, 1, 10.1016/j.jnca.2010.07.006 Sun, 2011, Surveying and analyzing security, privacy and trust issues in cloud computing environments, Procedia Eng., 15, 2852, 10.1016/j.proeng.2011.08.537 Sun, Y., He., D., 2012. Model checking for the defense against cross-site scripting attacks. In: Proceedings of the Computer Science & Service System (CSSS), 2012 International Conference on. 2012. IEEE. Suzaki, K., 2012. Security on cloud storage and IaaS, in Taiwan-Japan Workshop 2012/Nov/272012. Szefer, J., et al. Eliminating the hypervisor attack surface for a more secure cloud. In: Proceedings of the Proceedings of the 18th ACM conference on Computer and communications security. 2011. ACM. Takabi, 2010, Security and privacy challenges in cloud computing environments, IEEE Secur. Priv., 6, 24, 10.1109/MSP.2010.186 Telegraph, T., 2009. Facebook users targeted by hackers in successful phishing attack, Available from: 〈http://www.telegraph.co.uk/technology/facebook/5326971/Facebook-users-targeted-by-hackers-in-successful-phishing-attack.html〉. Toosi, 2014, Interconnected cloud computing environments: Challenges, taxonomy, and survey, ACM Comput. Surv. (CSUR), 47, 7, 10.1145/2593512 Tupakula, U., Varadharajan, V., AkkuN., 2011. Intrusion detection techniques for infrastructure as a service cloud. In: Proceedings of the Dependable, Autonomic and Secure Computing (DASC), 2011 IEEE Ninth International Conference on. 2011. IEEE. Turnbull, L., Shropshire, J., 2013. Breakpoints: an analysis of potential hypervisor attack vectors. In: Proceedings of the Southeastcon, IEEE. 2013. IEEE. Vieira, 2010, Intrusion detection for grid and cloud computing, IT Prof., 12, 38, 10.1109/MITP.2009.89 VivinSandar, 2012, Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks, Int. J. Comput. Appl., 41, 11 Volokyta, A., Kokhanevych, I., Ivanov, D., 2012. Secure virtualization in cloud computing. Wang, Z., Jiang, X., 2010. Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In: Proceedings of the Security and Privacy (SP), 2010 IEEE Symposium on. 2010. IEEE. Whaiduzzaman, 2014, A survey on vehicular cloud computing, J. Netw. Comput. Appl., 40, 325, 10.1016/j.jnca.2013.08.004 Xia, Y., et al., 2012. Defending against VM rollback attack. In: Proceedings of the Dependable Systems and Networks Workshops (DSN-W), 2012 IEEE/IFIP 42nd International Conference on. 2012. IEEE. Xiao, 2013, Security and privacy in cloud computing, Commun. Surv. Tutor. IEEE, 15, 843, 10.1109/SURV.2012.060912.00182 Xie, W., et al., 2013. Cloud-based RFID authentication. In: Proceedings of the RFID (RFID), 2013 IEEE International Conference on. 2013. IEEE. Y., Gilad, et al., CDN-on-Demand: An Affordable DDoS Defense via Untrusted Clouds. Yang, L., et al., 2012. Defense of DDoS attack for cloud computing. In: Proceedings of the Computer Science and Automation Engineering (CSAE), 2012 IEEE International Conference on. 2012. IEEE. Yaseen, Q., Panda, B., 2010. Malicious modification attacks by insiders in relational databases: prediction and prevention. In: Proceedings of the Social Computing (SocialCom), 2010 IEEE Second International Conference on. 2010. IEEE. Yassin, A.A., et al., 2012. Anonymous password authentication scheme by using digital signature and fingerprint in cloud computing. In: Proceedings of the Cloud and Green Computing (CGC), 2012 s International Conference on. 2012. IEEE. Yassin, W., et al., 2012. A cloud-based intrusion detection service framework. In: Proceedings of the Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on. 2012. IEEE. You, P., et al., 2012. Security issues and solutions in cloud computing. In: Proceedings of the Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on. 2012. IEEE. Yu, S., Gui, X., Lin, J., 2013. An approach with two-stage mode to detect cache-based side channel attacks. In: Proceedings of the Information Networking (ICOIN), 2013 International Conference on. 2013. IEEE. Yu, X., Wen, Q., 2010. A view about cloud data security from data life cycle. In: Proceedings of the Computational Intelligence and Software Engineering (CiSE), 2010 International Conference on. 2010. IEEE. Zhang, F., et al., 2008. PALM: security preserving VM live migration for systems with VMM-enforced protection. In: Proceedings of the Trusted Infrastructure Technologies Conference, 2008. APTC'08. Third Asia-Pacific. 2008. IEEE. Zhang, Y., et al., 2006. Virtual-machine-based intrusion detection on file-aware block level storage. In: Proceedings of the Computer Architecture and High Performance Computing, 2006. SBAC-PAD'06. 18th International Symposium on. 2006. IEEE. Zhang, Y., et al., 2011. Homealone: Co-residency detection in the cloud via side-channel analysis. In: Proceedings of the security and Privacy (SP), 2011 IEEE Symposium on. 2011. IEEE. Zhang, Y., et al., 2012. Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM conference on Computer and communications security. 2012. ACM. Zissis, 2012, Addressing cloud computing security issues, Futur. Gener. Comput. Syst., 28, 583, 10.1016/j.future.2010.12.006
Thông tin
Thông tin xuất bản

Journal of Network and Computer Applications

Tập 74

98-120

Thông tin tác giả