Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds.

, to pose severe insider threats to both the cloud tenants and provider. ... In this paper, we take the first step towards understanding and mitigating such a threat. ... Threat Model and Maintenance Task Assignment Model Our work is intended to assist the cloud provider in understanding and mitigating the insider threat from dishonest remote administrators or attackers ...

doi:10.1007/978-3-319-95729-6_1 fatcat:bwi64wfmmzh7jaquug65pponky

In this paper we focus on the insider threat in cloud computing, a topic which has not received research focus, as of now. ... We address the problem in a holistic way, differentiating between the two possible scenarios: a) defending against a malicious insider working for the cloud provider, and b) defending against an insider ... This work was supported in part by the S-Port (09SYN-72-650) project, funded by the Hellenic General Secretariat for Research & Technology, under the "Synergasia" Programme. ...

doi:10.1007/978-3-642-41476-3_8 fatcat:3munbvxftre43n6rozxnppe3xm

The Administrator of organization also does not know what data kept in cloud area and if he accesses the data, easily caught during the auditing. ... The malicious insiders can perform stealing on sensitive data at cloud storage and at organizations. Most of the organizations ignoring the insider attack because it is harder to detect and mitigate. ... Insider Threats in CSP The insiders in this scenario are: cloud provider and cloud clients, the malicious administrator working for the cloud provider and cloud clients may miss use their privileges to ...

doi:10.11591/ijece.v5i1.pp136-141 fatcat:db3we6w3rnc53ed3lvu7yw5bre

Open Access

While Cloud computing relieves organizations from the burden of the data management and storage costs, security in general and the malicious insider threats in particular is the main concern in cloud environments ... We will analyses the existing mitigation strategies to reduce malicious insiders threats in Cloud computing. ... Section 4 discusses the analysis of the existing mitigation strategies and techniques to reduce malicious insiders in the Cloud Computing. ...

doi:10.1016/j.sbspro.2014.06.002 fatcat:g26igvyj7bfbtphzag2i3slwku

Open Access

While Cloud computing relieves organizations from the burden of the data management and storage costs, security in general and the malicious insider threats in particular is the main concern in cloud environments ... We will analyses the existing mitigation strategies to reduce malicious insiders threats in Cloud computing. ... Section 4 discusses the analysis of the existing mitigation strategies and techniques to reduce malicious insiders in the Cloud Computing. ...

doi:10.1016/j.sbspro.2014.03.716 fatcat:iwp6yuvc2rfnphicip75v6hhhi

Open Access

In this paper we identify the most vulnerable security threats/attacks in cloud computing, which will enable both end users and vendors t o k n o w a b o u t the k e y se c ur it y threats associated with ... The biggest challenge in cloud computing is the security and privacy problems caused by its multi-tenancy nature and the outsourcing of infrastructure, sensitive data and critical applications. ... THREAT MODEL FOR CLOUD An abstract view of threat model for Cloud computing is shown in Figure. 2. Cloud clients are facing two types of security threats viz; external and internal attacks. ...

doi:10.5121/acij.2013.4102 fatcat:mxzpj7zqnjfinmrhozris3nvyq

The main concern of most security experts in the last years is the need to mitigate insider threats. ... In this paper, we give an overview of the various basic characteristics of insider threats. ... This will lead to the identification of the mitigating factors and indicators of malicious or accidental insider threats. • To development a comprehensive and useful prediction model, which can convert ...

doi:10.1109/iconac.2015.7313979 dblp:conf/iconac/ElmrabitYY15 fatcat:nap2lxce5nhyhabq3goj2rxyyq

Cloud security mitigation techniques has not reached the level of transparency and hence, the journey of understanding and accepting cloud computing services still remains uncharted for many organizations ... While mitigation techniques for different security issues are actively being researched, however, there is still insignificancy in research on Abuse of Cloud Services threat, in particular. ... and mitigating risk during security crisis in no time, even through remote assistance. ...

doi:10.12785/ijcnt/060302 fatcat:m6jskoqgincidesdrdx3zsyop4

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. ... Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. ... The threat of insiders accessing customer data held within the cloud is greater as each of the delivery models can introduce the need for multiple internal users: SaaS Cloud customer and provider administrators ...

doi:10.5281/zenodo.1107306 fatcat:oohi5v2vfbhkhadh5db2dka4vy

Open Access

The paper also suggests mitigation techniques that can be used to reduce or eliminate the risk of the threats discussed. In addition, general cloud security recommendations are given. ... This paper is aimed to present information about the most current threats and attacks on cloud computing, as well as security measures. ... It threats the models of IaaS, SaaS, and PaaS. Mitigation of this threat is not a simple task. ...

doi:10.14419/jacst.v3i2.3588 fatcat:zw5nrmf2hrevvo6glzi6cl6cze

Open Access

In this paper, we take the first step toward modeling and mitigating security threats unique to NFV. Specifically, we model both cross-layer and co-residency attacks on the NFV stack. ... Additionally, we mitigate such threats through optimizing the virtual machine (VM) placement with respect to given constraints. The simulation results demonstrate the effectiveness of our solution. ... This work was partially supported by the National Science Foundation under grant number IIP-1266147, by the Army Research Office grant W911NF-13-1-042, and by the Natural Sciences and Engineering Research ...

doi:10.1007/978-3-030-49669-2_1 fatcat:aon2pyvkdfhebpdwjueqr4k6ge

Different security aspects of cloud virtualization will be explored in this research paper, security recognizing potential threats or attacks that exploit these vulnerabilities, and what security measures ... In addition, a discussion of general security requirements and the existing security schemes is also provided. ... The various types of cloud virtualizations and their security threats and presented in Section 4. The paper is concluded in Section 5. ...

doi:10.32604/csse.2022.019547 fatcat:hgxqvutbrfh5nivblmsuibasnu

In spite of countless benefits that cloud service has to offer, there is always a security concern for new threats and risks. ... The study has identified the potential challenges, as BotNet, BotCloud, Shared Technology Vulnerability and Malicious Insiders, from Abuse of cloud service threat. ... The proposed framework of individual security measures will be global standard and generalized in terms of every layer of cloud service and deployment models. ...

doi:10.12785/ijcds/080103 fatcat:zlkr7f7owve3jnydbozyt7fyly

DOAJ

By collecting and recording the complete call process of virtual network management and configuration in the cloud platform, and comparing it with the result of the hierarchical trusted call correlation ... We propose a virtual network internal threat detection method called VNGuarder in a cloud computing environment, which can effectively monitor whether the virtual network configuration of legitimate users ... Acknowledgments is work was supported in part by the National Science Foundation of China under Grant 61502017 in part by the Natural Science Foundation of Beijing Municipality under Grant M21039 ...

doi:10.1155/2022/1242576 fatcat:zrs6wx7twjb6fkppfvkz3nohfa

DOAJ

The study shows that Zambian public sector has related challenges in mitigation of insider attacks that calls for considered efforts in developing measures for mitigation of these challenges in order to ... Further, using Actor Network Theory (ANT) and Theory of Planned Behavior (TPB), the study proposed an expedient insider mitigation model with an emphasis on user awareness and access control considering ... Collins Kachaka, Director of Center for ICT and Dr. Mwanaumo Assistant Dean both of the University of Zambia for the motivation and encouragement throughout the research process. ...

doi:10.3844/jcssp.2018.1389.1400 fatcat:zzhgw76tg5a4xcdrjc5q4fp5jy

Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds [chapter]

Preserved Fulltext

The Insider Threat in Cloud Computing [chapter]

Preserved Fulltext

Mitigation of Insider Attacks through Multi-Cloud

Preserved Fulltext

Analysis of Insiders Attack Mitigation Strategies

Preserved Fulltext

Analysis of Insiders Attack Mitigation Strategies

Preserved Fulltext

Secure Cloud Architecture

Preserved Fulltext

Insider threats in information security categories and approaches

Preserved Fulltext

A Novel Detection and Prevention (DAP) Framework for Abuse of cloud service threat

Preserved Fulltext

Classification Of Attaks Over Cloud Environment

Preserved Fulltext

Securing the Cloud: Threats, Attacks and Mitigation Techniques

Preserved Fulltext

Modeling and Mitigating Security Threats in Network Functions Virtualization (NFV) [chapter]

Preserved Fulltext

Extensive Study of Cloud Computing Technologies, Threats and Solutions Prospective

Preserved Fulltext

Security Challenges from Abuse of Cloud Service Threat

Preserved Fulltext

VNGuarder: An Internal Threat Detection Approach for Virtual Network in Cloud Computing Environment

Preserved Fulltext

An Investigation into Information Security Threats from Insiders and how to Mitigate them: A Case Study of Zambian Public Sector

Preserved Fulltext