
On some artificial intelligence methods and technologies for cloud-computing protection

  • General Section
Automatic Documentation and Mathematical Linguistics

Abstract

An overview of data-mining technologies used in applied information security systems is presented. The focus is on a new and actively developing trend, cloud-computing media (including so-called fog computing). The status of, and promising opportunities for, using artificial intelligence models and methods to solve information security problems are also discussed.



Author information


Corresponding author

Correspondence to A. A. Grusho.

Additional information

Original Russian Text © A.A. Grusho, M.I. Zabezhailo, A.A. Zatsarinnyi, V.O. Piskovskii, 2017, published in Nauchno-Tekhnicheskaya Informatsiya, Seriya 2: Informatsionnye Protsessy i Sistemy, 2017, No. 3, pp. 1–15.

About this article


Cite this article

Grusho, A.A., Zabezhailo, M.I., Zatsarinnyi, A.A. et al. On some artificial intelligence methods and technologies for cloud-computing protection. Autom. Doc. Math. Linguist. 51, 62–74 (2017). https://doi.org/10.3103/S0005105517020029


  • DOI: https://doi.org/10.3103/S0005105517020029
