Skip to main content
SpringerLink
Log in
Book cover

Advances in Big Data and Cloud Computing pp 11–26Cite as

Major Vulnerabilities and Their Prevention Methods in Cloud Computing

  • Conference paper
  • First Online:

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 750))

Abstract

A single name for dynamic scalability and elasticity of resources is nothing but a cloud. Cloud computing is the latest business buzz in the corporate world. The benefits like capital cost reduction, globalization of the workforce, and remote accessibility attract people to introduce their business through the cloud. The nefarious users can scan, exploit, and identify different vulnerabilities and loopholes in the system because of the ease of accessing and acquiring cloud services. Data breaches and cloud service abuse are the top threats identified by Cloud Security Alliance. The major attacks are insider attacks, malware and worm attack, DOS attack, and DDOS attack. This paper analyzes major attacks in cloud and comparison of corresponding prevention methods, which are effective in different platforms along with DDoS attack implementation results.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Ahmed, M., Xiang Y.: Trust ticket deployment: a notion of a data owner’s trust in cloud computing. In: 2011 International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11

    Google Scholar 

  2. Bradai, A., Afifi, H.: Enforcing trust-based intrusion detection in cloud computing using algebraic methods. In: 2012 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discover

    Google Scholar 

  3. Rajagopal, R., Chitra, M.: Trust based interoperability security protocol for grid and cloud computing. In: ICCCNT’12 26–28 July 2012, Coimbatore, India

    Google Scholar 

  4. Kanwal, A., Masood, R., Ghazia, U.E., Shibli, M.A., Abbasi, A.G.: Assessment criteria for trust models in cloud computing. In: 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing

    Google Scholar 

  5. Duncan, A., Creese, S., Goldsmith, M.: Insider attacks in cloud computing. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications

    Google Scholar 

  6. Khorshed, M.T., Shawkat Ali, A.B.M., Wasimi, S.A.: Monitoring insiders activities in cloud computing using rule based learning. In: 2011 International Joint Conference of IEEE

    Google Scholar 

  7. Guo, Q., Sun, D., Chang, G., Sun, L., Wang, X.: Modeling and evaluation of trust in cloud computing environments. In: 2011 3rd International Conference on Advanced Computer Control (ICACC 2011)

    Google Scholar 

  8. Nkosi, L., Tarwireyi, P., Adigun, M.O.: Detecting a malicious insider in the cloud environment using sequential rule mining. In: 2013 IEEE International Conference on Adaptive Science and Technology (ICAST)

    Google Scholar 

  9. Bisong, A., Rahman, M.: An overview of the security concerns in enterprise cloud computing. Int. J. Netw. Secur. Appl. (IJNSA) 3(1) (January 2011)

    Google Scholar 

  10. Yang, Z., Qin, X., Yang, Y., Yagnik, T.: A hybrid trust service architecture for cloud computing. In: 2013 International Conference on Computer Sciences and Applications

    Google Scholar 

  11. Habib, S.M., Hauke, S., Ries, S., Muhlhauser, M.: Trust as a facilitator in cloud computing: a survey. J. Cloud Comput. Adv. Syst. Appl. (2012)

    Google Scholar 

  12. Noor, T.H., Sheng, Q.Z.: Trust management of services in cloud environments: obstacles and solutions. ACM Comput. Surv. 46(1), Article 12, Publication date: October 2013

    Google Scholar 

  13. Watson, M.R.: Malware detection in the context of cloud computing. In: The 13th Annual Postgraduate Symposium on the Convergence of Telecommunications, Networking, and Broadcasting

    Google Scholar 

  14. More, A., Tapaswi, S.: Dynamic malware detection and recording using virtual machine introspection. In: Best Practices Meet, 2013 DSCI IEEE

    Google Scholar 

  15. Biedermann, S., Katzenbeisser, S.: Detecting computer worms in the cloud. In: iNetSec’11 Proceedings of the 2011 IFIP WG 11.4 International Conference on Open Problems in Network Security

    Google Scholar 

  16. Harrison, K., Bordbar, B., Ali, S.T.T., Dalton, C.I., Norman, A.: A framework for detecting malware in cloud by identifying symptoms. In: 2012 IEEE 16th International Enterprise Distributed Object Computing Conference

    Google Scholar 

  17. Rameshbabu, J., Sam Balaji, B., Wesley Daniel, R., Malathi, K.: A prevention of DDoS attacks in cloud using NEIF techniques. Int. J. Sci. Res. Publ. 4(4) (April 2014) ISSN 2250-3153

    Google Scholar 

  18. Ismail, M.N., Aborujilah, A., Musa, S., Shahzad, A.: New framework to detect and prevent denial of service attack in cloud computing environment. Int. J. Comput. Sci. Secur. (IJCSS) 6(4)

    Google Scholar 

  19. Sattar, I., Shahid, M., Abbas, Y.: A review of techniques to detect and prevent distributed denial of service (DDoS) attack in cloud computing environment. Int. J. Comput. Appl. 115(8), 0975–8887 (2015)

    Google Scholar 

  20. Syed Navaz, A.S., Sangeetha, V., Prabhadevi, C.: Entropy based anomaly detection system to prevent DDoS attacks in cloud. Int. J. Comput. Appl. 62(15), 0975–8887 (2013)

    Google Scholar 

  21. Goyal, U., Bhatti, G., Mehmi, S.: A dual mechanism for defeating DDoS attacks in cloud computing model. Int. J. Appl. Innov. Eng. Manage. (IJAIEM)

    Google Scholar 

  22. Santhi, K.: A defense mechanism to protect cloud computing against distributed denial of service attacks. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 3(5) (May 2013) (ISSN: 2277 128X)

    Google Scholar 

  23. Khalil, I.M., Khreishah, A., Azeem, M.: Cloud computing security: a survey. ISSN 2073-431X, 3 February 2014

    Google Scholar 

  24. Noor, T.H., Sheng, Q.Z., Zeadally, S.: Trust management of services in cloud environments: obstacles and solutions. ACM Comput. Surv. 46(1), Article 12, Publication date: October 2013

    Google Scholar 

  25. Kanaker, H.M., Saudi, M.M., Marhusin, M.F.: Detecting worm attacks in cloud computing environment: proof of concept. In: 2014 IEEE 5th Control and System Graduate Research Colloquium, August 11–12, UiTM, Shah Alam, Malaysia

    Google Scholar 

  26. Praveen Kumar, P., Bhaskar Naik, K.: A survey on cloud based intrusion detection system. Int. J. Softw. Web Sci. (IJSWS), 98–102

    Google Scholar 

  27. Rahman, M., Cheung, W.M.: A novel cloud computing security model to detect and prevent DoS and DDoS attack. Int. J. Adv. Comput. Sci. Appl. 5(6) (2014)

    Google Scholar 

  28. Shahin, A.A.: Polymorphic worms collection in cloud computing. Int. J. Comput. Sci. Mob. Comput. 3(8), 645–652 (2014)

    Google Scholar 

  29. Quinton, J.S., Duncan, A., Creese, S., Goldsmith, M.: Cloud computing: insider attacks on virtual machines during migration. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

    Google Scholar 

  30. Nicoll, A., Claycomb, W.R.: Insider threats to cloud computing: directions for new research challenges. In: 2012 IEEE 36th International Conference on Computer Software and Applications

    Google Scholar 

  31. Nguyen, M.-D., Chau, N.-T., Jung, S., Jung, S.: A demonstration of malicious insider attacks inside cloud IaaS Vendor. Int. J. Inf. Educ. Technol. 4(6) (December 2014)

    Google Scholar 

  32. Garkoti, G., Peddoju, S.K., Balasubramanian, R.: Detection of insider attacks in cloud based e-healthcare environment. In: 2014 13th International Conference on Information Technology

    Google Scholar 

  33. Kumar, M., Hanumanthappa, M.: Scalable intrusion detection systems log analysis using cloud computing infrastructure. In: 2013 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC)

    Google Scholar 

  34. Praveen Kumar, P., Bhaskar Naik, K.: A survey on cloud based intrusion detection system. Int. J. Softw. Web Sci. (IJSWS), ISSN (Print) 2279-0063 ISSN (Online) 2279-0071

    Google Scholar 

  35. Sun, D., Chang, G., Suna, L., Wang, X.: Surveying and analyzing security, privacy and trust issues in cloud computing environments. SciVerse Sci. Direct Procedia Eng. 15, 2852–2856 (2011)

    Google Scholar 

  36. Oktay, U., Sahingoz, O.K.: Attack types and intrusion detection systems in cloud computing. In: Proceedings of the 6th International Information Security & Cryptology Conference, Bildiriler Kitabı

    Google Scholar 

  37. Sevak, B.: Security against side channel attack in cloud computing. Int. J. Eng. Adv. Technol. (IJEAT) 2(2) (December 2012) ISSN: 2249-8958

    Google Scholar 

  38. Siva, T., Phalguna Krishna, E.S.: Controlling various network based ADoS attacks in cloud computing environment: by using port hopping technique. Int. J. Eng. Trends Technol. (IJETT) 4(5) (May 2013)

    Google Scholar 

  39. Bhandari, N.H.: Survey on DDoS attacks and its detection &defence approaches. Int. J. Sci. Modern Eng. (IJISME) 1(3) (February 2013) (ISSN: 2319-6386)

    Google Scholar 

  40. Wong, F.F., Tan, C.X.: A survey of trends in massive DDoS attacks and cloud-based mitigations. Int. J. Netw. Secur. Appl. (IJNSA) 6(3) (May 2014)

    Google Scholar 

  41. Goyal, U., Bhatti, G., Mehmi, S.: A dual Mechanism for defeating DDoS attacks in cloud computing model. Int. J. Appl. Innov. Eng. Manage. (IJAIEM) 2(3) (March 2013) ISSN 2319-4847

    Google Scholar 

  42. Bhandari, N.H.: Survey on DDoS attacks and its detection &defence approaches. Int. J. Sci. Modern Eng. (IJISME) 1(3) February ISSN: 2319-6386

    Google Scholar 

  43. Santhi, K.: A defense mechanism to protect cloud computing against distributed denial of service attacks. Int. J. Adv. Res. Comput. Sci. Softw. Eng. 3(5) (May 2013) ISSN: 2277-128 X

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Technology, VIT Vellore, Vellore, India

    Jomina John

  2. VIT University, Vellore, Tamil Nadu, India

    Jasmine Norman

Authors
  1. Jomina John
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jasmine Norman
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jomina John .

Editor information

Editors and Affiliations

  1. Department of Computer Sciences Technology, Karunya Institute of Technology & Sciences, Coimbatore, Tamil Nadu, India

    J. Dinesh Peter

  2. Department of Civil and Environmental Engineering, University of Missouri, Columbia, MO, USA

    Amir H. Alavi

  3. School of Computing, Engineering and Mathematics, University of Western Sydney, Sydney, NSW, Australia

    Bahman Javadi

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

John, J., Norman, J. (2019). Major Vulnerabilities and Their Prevention Methods in Cloud Computing. In: Peter, J., Alavi, A., Javadi, B. (eds) Advances in Big Data and Cloud Computing. Advances in Intelligent Systems and Computing, vol 750. Springer, Singapore. https://doi.org/10.1007/978-981-13-1882-5_2

Download citation

Publish with us

Policies and ethics

Search

Navigation