Skip to main content

Advertisement

SpringerLink
Log in

Security Threats, Defense Mechanisms, Challenges, and Future Directions in Cloud Computing

  • Survey article
  • Published:
Archives of Computational Methods in Engineering Aims and scope Submit manuscript

Abstract

Several new technologies such as the smart cities, the Internet of Things (IoT), and 5G Internet need services offered by cloud computing for processing and storing more information. Hence, the heterogeneity of the new companies that used the above-mentioned technologies will add many vulnerabilities and security concerns for the cloud paradigm. Presently, cloud computing involves every component such as end-user, networks, access management, and infrastructures. Without a lucid vision of the cloud infrastructure, security communities struggle with problems ranging from duplicating data to failing to identify security threats in a timely way, with loss of control about protection and data access to face regulatory compliance. With cloud computing becoming part of our everyday life and our digital computer environment, we look forward to rapid new development in the computational needs provided by cloud computing paradigms. In this paper, we first provide an architecture tutorial on cloud computing technology, including their essential characteristics, services models, deployment models, and cloud data center virtualization. Second, we provide the cloud computing security issues and frameworks, and through a comprehensive survey, we characterize and summarize the efforts made in the literature to find solutions to these security issues. Third, we categorize the various attacks in the cloud and privacy challenges. Fourth, we summarize the efforts made in the literature to the defense mechanisms and mitigation solution for security assessment. Finally, we discuss open issues in cloud security and propose some future directions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Hung YH (2019) Investigating how the cloud computing transforms the development of industries. IEEE Access 7:181505–181517

    Google Scholar 

  2. Wu C, Buyya R, Ramamohanarao K (2020) Modeling cloud business customers’ utility functions. Futur Gener Comput Syst 105:737–753

    Google Scholar 

  3. Fatima S, Ahmad S (2019) An exhaustive review on security issues in cloud computing. KSII Trans Internet Inf Syst 13(6):3219–3237

    Google Scholar 

  4. Mthunzi SN, Benkhelifa E, Bosakowski T, Guegan CG, Barhamgi M (2020) Cloud computing security taxonomy: From an atomistic to a holistic view. Futur Gener Comput Syst 107:620–644

    Google Scholar 

  5. Odun-Ayo I, Ananya M, Agono F, Goddy-Worlu R (2018) Cloud computing architecture: a critical analysis. In: Proceedings of the 18th international conference on computational science and applications. IEEE, pp 1–7

  6. Mell P, Grance T (2011) The NIST definition of cloud computing: recommendations of the National Institute of Standards and Technology. NIST Spec Publ 800–145:1–7

    Google Scholar 

  7. Gourisaria MK, Samanta A, Saha A, Patra SS, Khilar PM (2020) An extensive review on cloud computing. In: Data engineering and communication technology. Springer, Singapore, pp 53–78

  8. Attaran M, Woods J (2019) Cloud computing technology: improving small business performance using the Internet. J Small Bus Entrep 31(6):495–519

    Google Scholar 

  9. Liu Y, Sun YL, Ryoo J, Rizvi S, Vasilakos AV (2015) A survey of security and privacy challenges in cloud computing: solutions and future directions. J Comput Sci Eng 9(3):119–133

    Google Scholar 

  10. Tabrizchi H, Rafsanjani MK (2020) A survey on security challenges in cloud computing: issues, threats, and solutions. J Supercomput 76(12):9493–9532

    Google Scholar 

  11. Zhang Q, Cheng L, Boutaba R (2010) Cloud computing: state-of-the-art and research challenges. J Internet Serv Appl 1(1):7–18

    Google Scholar 

  12. Nasirian S, Faghani F (2019) Crystal: a scalable and fault-tolerant Archimedean-based server-centric cloud data center network architecture. Comput Commun 147:159–179

    Google Scholar 

  13. Li T, Santini S (2019) Energy-aware coflow and antenna scheduling for hybrid server-centric data center networks. IEEE Trans Green Commun Netw 3(2):356–365

    Google Scholar 

  14. Al Asvija B, Eswari R, Bijoy MB (2019) Security in hardware assisted virtualization for cloud computing—state of the art issues and challenges. Comput Netw 151:68–92

    Google Scholar 

  15. Mondesire SC, Angelopoulou A, Sirigampola S, Goldiez B (2019) Combining virtualization and containerization to support interactive games and simulations on the cloud. Simul Model Pract Theory 93:233–244

    Google Scholar 

  16. Pietri I, Sakellariou R (2016) Mapping virtual machines onto physical machines in cloud computing: a survey. ACM Comput Surv (CSUR) 49(3):1–30

    Google Scholar 

  17. El Kafhali S, Salah K (2018) Performance analysis of multi-core VMs hosting cloud SaaS applications. Comput Stand Interfaces 55:126–135

    Google Scholar 

  18. El Kafhali S, Salah K (2017) Stochastic modelling and analysis of cloud computing data center. In: Proceedings of 20th conference on innovations in clouds, internet and networks. IEEE, pp 122–126

  19. Adams K, Agesen O (2006) A comparison of software and hardware techniques for ×86 virtualization. ACM Sigplan Not 41(11):2–13

    Google Scholar 

  20. Sukmana HT, Ichsani Y, Putra SJ (2016) Implementation of server consolidation method on a data center by using virtualization technique: a case study. In: Proceedings of the international conference on informatics and computing. IEEE, pp 277–282

  21. Rosenblum M (2004) The reincarnation of virtual machines. Queue 2(5):34–40

    Google Scholar 

  22. Hanini M, El Kafhali S, Salah K (2019) Dynamic VM allocation and traffic control to manage QoS and energy consumption in cloud computing environment. Int J Comput Appl Technol 60(4):307–316

    Google Scholar 

  23. Nashaat H, Ashry N, Rizk R (2019) Smart elastic scheduling algorithm for virtual machine migration in cloud computing. J Supercomput 5(7):3842–3865

    Google Scholar 

  24. Abeni L, Faggioli D (2020) Using Xen and KVM as real-time hypervisors. J Syst Architect 106:101709

    Google Scholar 

  25. Huh JH, Seo K (2016) Design and test bed experiments of server operation system using virtualization technology. HCIS 6(1):1

    Google Scholar 

  26. El Kafhali S, Salah K (2018) Modeling and analysis of performance and energy consumption in cloud data centers. Arab J Sci Eng 43(12):7789–7802

    Google Scholar 

  27. Alaluna M, Vial E, Neves N, Ramos FM (2019) Secure multi-cloud network virtualization. Comput Netw 161:45–60

    Google Scholar 

  28. Bui B, Mvondo D, Teabe B, Jiokeng K, Wapet L, Tchana A, Depalma N (2019) When extended para-virtualization (XPV) meets NUMA. In: Proceedings of the 14th EuroSys conference, pp 1–15

  29. Beloglazov A, Buyya R (2013) Managing overloaded hosts for dynamic consolidation of virtual machines in cloud data centers under quality of service constraints. IEEE Trans Parallel Distrib Syst 24(7):1366–1379

    Google Scholar 

  30. Saadi Y, El Kafhali S (2020) Energy efficient strategy for virtual machines consolidation in cloud environment. Soft Comput 24(19):14845–14859

    Google Scholar 

  31. Shrivastava V, Zerfos P, Lee KW, Jamjoom H, Liu YH, Banerjee S (2011) Application-aware virtual machine migration in data centers. In: Proceedings of IEEE INFOCOM. IEEE, pp 66–70

  32. Mishra M, Das A, Kulkarni P, Sahoo A (2012) Dynamic resource management using virtual machine migrations. IEEE Commun Mag 50(9):34–40

    Google Scholar 

  33. Dong J, Jin X, Wang H, Li Y, Zhang P, Cheng S (2013) Energy-saving virtual machine placement in cloud data centers. In: Proceedings of the 13th IEEE/ACM international symposium on cluster, cloud, and grid computing. IEEE, pp 618–624

  34. Zheng J, Ng TSE, Sripanidkulchai K (2011) Workload-aware live storage migration for clouds. In: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on virtual execution environments. ACM, pp 133–144

  35. Sharma Y, Si W, Sun D, Javadi B (2019) Failure-aware energy-efficient VM consolidation in cloud computing systems. Futur Gener Comput Syst 94:620–633

    Google Scholar 

  36. Liu H, Jin H, Liao X, Yu C, Xu CZ (2011) Live virtual machine migration via asynchronous replication and state synchronization. IEEE Trans Parallel Distrib Syst 22(12):1986–1999

    Google Scholar 

  37. Guo Z, Li J, Ramesh R (2019) Optimal management of virtual infrastructures under flexible cloud service agreements. Inf Syst Res 30(4):1424–1446

    Google Scholar 

  38. Wu CM, Chang RS, Chan HY (2014) A green energy-efficient scheduling algorithm using the DVFS technique for cloud datacenters. Futur Gener Comput Syst 37:141–147

    Google Scholar 

  39. Zhou R, Liu F, Li C, Li T (2013) Optimizing virtual machine live storage migration in heterogeneous storage environment. ACM SIGPLAN Not 48(7):73–84

    Google Scholar 

  40. Liu S, Ren S, Quan G, Zhao M, Ren S (2013) Profit aware load balancing for distributed cloud data centers. In: Proceedings of the 27th international symposium on parallel and distributed processing. IEEE, pp. 611–622

  41. Shiraz M, Gani A, Khokhar RH, Buyya R (2013) A review on distributed application processing frameworks in smart mobile devices for mobile cloud computing. IEEE Commun Surv Tutor 15(3):1294–1313

    Google Scholar 

  42. Wu TY, Guizani N, Huang JS (2017) Live migration improvements by related dirty memory prediction in cloud computing. J Netw Comput Appl 90:83–89

    Google Scholar 

  43. Ibrahim KZ, Hofmeyr S, Iancu C, Roman E (2011) Optimized pre-copy live migration for memory intensive applications. In: Proceedings of 2011 international conference for high performance computing, networking, storage and analysis. ACM, pp 1–11

  44. Svärd P, Hudzia B, Tordsson J, Elmroth E (2011) Evaluation of delta compression techniques for efficient live migration of large virtual machines. In: Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on virtual execution environments. ACM, pp 111–120

  45. Zhu L, Chen J, He Q, Huang D, Wu S (2013) ITC-LM: a smart iteration-termination criterion based live virtual machine migration. In: Proceedings of the IFIP international conference on network and parallel computing. Springer, Berlin, pp 118–129

  46. Riteau P, Morin C, Priol T (2011) Shrinker: improving live migration of virtual clusters over wans with distributed data deduplication and content-based addressing. In: Proceedings of the European conference on parallel processing. Springer, Berlin, pp 431–442

  47. Gonzalez N, Miers C, Redigolo F, Simplicio M, Carvalho T, Näslund M, Pourzandi M (2012) A quantitative analysis of current security concerns and solutions for cloud computing. J Cloud Comput Adv Syst Appl 1(1):11

    Google Scholar 

  48. Jansen WA, Grance T (2011) Guidelines on security and privacy in public cloud computing. NIST Spec Publ 800(144):10–11

    Google Scholar 

  49. Islam T, Manivannan D, Zeadally S (2016) A classification and characterization of security threats in cloud computing. Int J Next Gener Comput 7(1):1071–1081

    Google Scholar 

  50. Wawrzyniak G, El Fray I (2020) New XML signature scheme that is resistant to some attacks. IEEE Access 8:35815–35831

    Google Scholar 

  51. Hassija V, Chamola V, Saxena V, Jain D, Goyal P, Sikdar B (2019) A survey on IoT security: application areas, security threats, and solution architectures. IEEE Access 7:82721–82743

    Google Scholar 

  52. Abdollahi A, Fathi M (2020) An intrusion detection system on ping of death attacks in IoT networks. Wirel Pers Commun 112(4):2057–2070

    Google Scholar 

  53. Bhandari A, Sangal AL, Kumar K (2016) Characterizing flash events and distributed denial-of-service attacks: an empirical investigation. Secur Commun Netw 9(13):2222–2239

    Google Scholar 

  54. Liebeskind JP (1997) Keeping organizational secrets: protective institutional mechanisms and their costs. Ind Corp Chang 6(3):623–663

    Google Scholar 

  55. Alarqan MA, Zaaba ZF, Almomani A (2019) Detection mechanisms of DDoS attack in cloud computing environment: a survey. In: Proceedings of international conference on advances in cyber security. Springer, Singapore, pp 138–152

  56. Bhadauria R, Sanyal S (2012) Survey on security issues in cloud computing and associated mitigation techniques. Int J Comput Appl 47(18):47–66

    Google Scholar 

  57. Hydara I, Sultan ABM, Zulzalil H, Admodisastro N (2015) Current state of research on cross-site scripting (XSS)—a systematic literature review. Inf Softw Technol 58:170–186

    Google Scholar 

  58. Sabahi F (2012) Secure virtualization for cloud environment using hypervisor-based technology. Int J Mach Learn Comput 2(1):39

    Google Scholar 

  59. Lombardi F, Di Pietro R (2011) Secure virtualization for cloud computing. J Netw Comput Appl 34(4):1113–1122

    Google Scholar 

  60. Pearce M, Zeadally S, Hunt R (2013) Virtualization: issues, security threats, and solutions. ACM Comput Surv (CSUR) 45(2):1–39

    Google Scholar 

  61. Win SS, Thwin MMS (2019) Handling the hypervisor hijacking attacks on virtual cloud environment. In: Advances in biometrics. Springer, Cham, pp 25–50

  62. Luo S, Lin Z, Chen X, Yang Z, Chen J (2011) Virtualization security for cloud computing service. In: Proceedings of the international conference on cloud and service computing. IEEE, pp 174–179

  63. Dabrowsk C, Mills K (2011) VM leakage and orphan control in open-source clouds. In: Proceedings of the 3rd international conference on cloud computing technology and science. IEEE, pp 554–559

  64. Yang C, Ye J (2015) Secure and efficient fine-grained data access control scheme in cloud computing. J High Speed Netw 21(4):259–271

    Google Scholar 

  65. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of INFOCOM. IEEE, pp 1–9

  66. Wang Y, Wu Q, Qin B, Shi W, Deng RH, Hu J (2016) Identity-based data outsourcing with comprehensive auditing in clouds. IEEE Trans Inf Forensics Secur 12(4):940–952

    Google Scholar 

  67. Tchernykh A, Schwiegelsohn U, Talbi EG, Babenko M (2019) Towards understanding uncertainty in cloud computing with risks of confidentiality, integrity, and availability. J Comput Sci 36:100581

    Google Scholar 

  68. Erway CC, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur (TISSEC) 17(4):1–29

    Google Scholar 

  69. Thokchom S, Saikia DK (2019) Privacy preserving and public auditable integrity checking on dynamic cloud data. IJ Netw Secur 21(2):221–229

    Google Scholar 

  70. Wu J, Li Y, Wang T, Ding Y (2019) CPDA: a confidentiality-preserving deduplication cloud storage with public cloud auditing. IEEE Access 7:160482–160497

    Google Scholar 

  71. Pitchai R, Babu S, Supraja P, Anjanayya S (2019) Prediction of availability and integrity of cloud data using soft computing technique. Soft Comput 23(18):8555–8562

    Google Scholar 

  72. Chow R, Golle P, Jakobsson M, Shi E, Staddon J, Masuoka R, Molina J (2019) Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the workshop on cloud computing security. ACM, pp 85–90

  73. Del Piccolo V, Amamou A, Haddadou K, Pujolle G (2016) A survey of network isolation solutions for multi-tenant data centers. IEEE Commun Surv Tutor 8(4):2787–2821

    Google Scholar 

  74. Factor M, Hadas D, Harnama A, Har'El N, Kolodner EK, Kurmus A, Sorniotti A (2013) Secure logical isolation for multi-tenancy in cloud storage. In: Proceedings of the 29th symposium on mass storage systems and technologies. IEEE, pp 1–5

  75. Bhuyan MH, Kashyap HJ, Bhattacharyya DK, Kalita JK (2014) Detecting distributed denial of service attacks: methods, tools and future directions. Comput J 57(4):537–556

    Google Scholar 

  76. Krishnan D, Chatterjee M (2012) An adaptive distributed intrusion detection system for cloud computing framework. In: Proceedings of the international conference on security in computer networks and distributed systems. Springer, Berlin, pp 466–473

  77. Cha B, Kim J (2011) Study of multistage anomaly detection for secured cloud computing resources in future internet. In: Proceedings of the 9th international conference on dependable, autonomic and secure computing. IEEE, pp 1046–1050

  78. Modi CN, Patel DR, Patel A, Muttukrishnan R (2012) Bayesian classifier and snort based network intrusion detection system in cloud computing. In: Proceedings of the 3rd international conference on computing, communication and networking technologies. IEEE, pp 1–7

  79. Yang L, Zhang T, Song J, Wang JS, Chen P (2012) Defense of DDoS attack for cloud computing. Proc Int Conf Comput Sci Autom Eng IEEE 2:626–629

    Google Scholar 

  80. Jeyanthi N, Barde U, Sravani M, Tiwari V, Iyengar NCSN (2013) Detection of distributed denial of service attacks in cloud computing by identifying spoofed IP. Int J Commun Netw Distrib Syst 11(3):262–279

    Google Scholar 

  81. Kushwah GS, Ranga V (2020) Voting extreme learning machine based distributed denial of service attack detection in cloud computing. J Inf Secur Appl 53:102532

    Google Scholar 

  82. Gupta BB, Badve OP (2017) Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a cloud computing environment. Neural Comput Appl 28(12):3655–3682

    Google Scholar 

  83. Guenane F, Nogueira M, Pujolle G (2014) Reducing DDoS attacks impact using a hybrid cloud-based firewalling architecture. In: Proceedings of the global information infrastructure and networking symposium. IEEE, pp 1–6

  84. Liu H (2010) A new form of DOS attack in a cloud and its avoidance mechanism. In: Proceedings of the ACM workshop on cloud computing security workshop, pp 65–76

  85. Wahab OA, Bentahar J, Otrok H, Mourad A (2015) A survey on trust and reputation models for Web services: Single, composite, and communities. Decis Support Syst 74:121–134

    Google Scholar 

  86. Kaur Chahal J, Bhandari A, Behal S (2019) Distributed denial of service attacks: a threat or challenge. New Rev Inf Netw 24(1):31–103

    Google Scholar 

  87. Douligeris C, Mitrokotsa A (2004) DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput Netw 44(5):643–666

    Google Scholar 

  88. Jia Q, Wang H, Fleck D, Li F, Stavrou A, Powell W (2014) Catch me if you can: a cloud-enabled DDoS defense. In: Proceedings of the 44th annual IEEE/IFIP international conference on dependable systems and networks. IEEE, pp 264–275

  89. Modi C, Patel D, Borisaniya B, Patel H, Patel A, Rajarajan M (2013) A survey of intrusion detection techniques in cloud. J Netw Comput Appl 36(1):42–57

    Google Scholar 

  90. Madan BB, Goševa-Popstojanova K, Vaidyanathan K, Trivedi KS (2004) A method for modeling and quantifying the security attributes of intrusion tolerant systems. Perform Eval 56(1–4):167–186

    Google Scholar 

  91. Osanaiye O, Choo K-KR, Dlodlo M (2016) Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J Netw Comput Appl 67:147–165

    Google Scholar 

  92. Zekri M, El Kafhali S, Aboutabit N, Saadi Y (2017) DDoS attack detection using machine learning techniques in cloud computing environments. In: Proceedings of the 3rd international conference on cloud computing technologies and applications. IEEE, pp 1–7

  93. Idhammad M, Afdel K, Belouch M (2018) Distributed intrusion detection system for cloud environments based on data mining techniques. Proc Comput Sci 127:35–41

    Google Scholar 

  94. Hajimirzaei B, Navimipour NJ (2019) Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm. ICT Express 5(1):56–59

    Google Scholar 

  95. Aldweesh A, Derhab A, Emam AZ (2020) Deep learning approaches for anomaly-based intrusion detection systems: a survey, taxonomy, and open issues. Knowl-Based Syst 189:105124

    Google Scholar 

  96. Aamir M, Zaidi SMA (2019) DDoS attack detection with feature engineering and machine learning: the framework and performance evaluation. Int J Inf Secur 18(6):761–785

    Google Scholar 

  97. Tuan TA, Long HV, Kumar R, Priyadarshini I, Son NTK (2020) Performance evaluation of Botnet DDoS attack detection using machine learning. Evol Intel 13(2):283–294

    Google Scholar 

  98. Wang M, Lu Y, Qin J (2020) A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput Secur 88:101645

    Google Scholar 

  99. Hezavehi SM, Rahmani R (2020) An anomaly-based framework for mitigating effects of DDoS attacks using a third party auditor in cloud computing environments. Clust Comput 23(4):2609–2627

    Google Scholar 

  100. Priyadarshini R, Barik RK (2019) A deep learning based intelligent framework to mitigate DDoS attack in fog environment. J King Saud Univ Comput Inf Sci. https://doi.org/10.1016/j.jksuci.2019.04.010

    Article  Google Scholar 

  101. Habib B, Khurshid F, Dar AH, Shah Z (2019) DDoS mitigation in eucalyptus cloud platform using snort and packet filtering—IP-tables. In: Proceedings of the 4th international conference on information systems and computer networks. IEEE, pp 546–550

  102. Kim H, Kim J, Kim Y, Kim I, Kim KJ (2019) Design of network threat detection and classification based on machine learning on cloud computing. Clust Comput 22(1):2341–2350

    Google Scholar 

  103. Wu M, Song Z, Moon YB (2019) Detecting cyber-physical attacks in cyber manufacturing systems with machine learning methods. J Intell Manuf 30(3):1111–1123

    Google Scholar 

  104. Abusitta A, Bellaiche M, Dagenais M (2018) An SVM-based framework for detecting DoS attacks in virtualized clouds under changing environment. J Cloud Comput 7(1):1–18

    Google Scholar 

  105. Nahmias D, Cohen A, Nissim N, Elovici Y (2020) Deep feature transfer learning for trusted and automated malware signature generation in private cloud environments. Neural Netw 124:243–257

    Google Scholar 

  106. Garg S, Kaur K, Kumar N, Kaddoum G, Zomaya AY, Ranjan R (2019) A hybrid deep learning-based model for anomaly detection in cloud datacenter networks. IEEE Trans Netw Serv Manag 16(3):924–935

    Google Scholar 

  107. Chiba Z, Abghour N, Moussaid K, Rida M (2019) Intelligent approach to build a deep neural network based IDS for cloud environment using combination of machine learning algorithms. Comput Secur 86:291–317

    Google Scholar 

  108. Nguyen KK, Hoang DT, Niyato D, Wang P, Nguyen D, Dutkiewicz E (2018) Cyberattack detection in mobile cloud computing: a deep learning approach. In: Proceedings of the wireless communications and networking conference. IEEE, pp 1–6

  109. Shaaban AR, Abd-Elwanis E, Hussein M (2019) DDoS attack detection and classification via convolutional neural network (CNN). In: Proceedings of the 9th international conference on intelligent computing and information systems. IEEE, pp 233–238

  110. Çalışır S, Atay R, Pehlivanoğlu MK, Duru N (2019) Intrusion detection using machine learning and deep learning techniques. In: Proceedings of the 4th international conference on computer science and engineering. IEEE, pp 656–660

  111. Sethi K, Kumar R, Prajapati N, Bera P (2020) Deep reinforcement learning based intrusion detection system for cloud infrastructure. In: Proceedings of the international conference on communication systems and networks. IEEE, pp 1–6

  112. Catak FO, Mustacoglu AF (2019) Distributed denial of service attack detection using autoencoder and deep neural networks. J Intell Fuzzy Syst 37(3):3969–3979

    Google Scholar 

  113. Prasad KM, Siva VS, Nagamuneiah J, Nelaballi S (2020) An ensemble framework for flow-based application layer DDoS attack detection using data mining techniques. In: ICT analysis and applications. Springer, Singapore, pp 9–19

  114. Mehare V, Thakur RS (2018) Data mining models for anomaly detection using artificial immune system. In: Proceedings of the international conference on recent advancement on computer and communication. Springer, Singapore, pp 425–432

  115. Ashaba AA, Mirembe DP (2018) Data mining based algorithms for intrusion detection systems. Int J Technol Manag 3(2):1–10

    Google Scholar 

  116. Lee W, Stolfo SJ, Mok KW (2000) Adaptive intrusion detection: a data mining approach. Artif Intell Rev 14(6):533–567

    MATH  Google Scholar 

  117. Pietraszek T, Tanner A (2005) Data mining and machine learning-towards reducing false positives in intrusion detection. Inf Secur Tech Rep 10(3):169–183

    Google Scholar 

  118. Garg S, Kaur K, Batra S, Aujla GS, Morgan G, Kumar N, Ranjan R (2020) En-ABC: an ensemble artificial bee colony based anomaly detection scheme for cloud environment. J Parallel Distrib Comput 135:219–233

    Google Scholar 

  119. Kesavamoorthy R, Soundar KR (2019) Swarm intelligence based autonomous DDoS attack detection and defense using multi agent system. Clust Comput 22(4):9469–9476

    Google Scholar 

  120. Kalaivani S, Vikram A, Gopinath G (2019) An effective swarm optimization based intrusion detection classifier system for cloud computing. In: Proceedings of the 5th international conference on advanced computing and communication systems. IEEE, pp 185–188

  121. Chiba Z, Abghour N, Moussaid K, El Omri A, Rida M (2018) A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Comput Secur 75:36–58

    Google Scholar 

  122. Chiba Z, Abghour N, Moussaid K, El Omri A, Rida M (2019) New anomaly network intrusion detection system in cloud environment based on optimized back propagation neural network using improved genetic algorithm. Int J Commun Netw Inf Secur 11(1):61–84

    Google Scholar 

  123. Zeadally S, Adi E, Baig Z, Khan IA (2020) Harnessing artificial intelligence capabilities to improve cybersecurity. IEEE Access 8:23817–23837

    Google Scholar 

  124. Selvaraj A, Patan R, Gandomi AH, Deverajan GG, Pushparaj M (2019) Optimal virtual machine selection for anomaly detection using a swarm intelligence approach. Appl Soft Comput 84:105686

    Google Scholar 

  125. Chen Z, Jiang F, Cheng Y, Gu X, Liu W, Peng J (2018) XGBoost classifier for DDoS attack detection and analysis in SDN-based cloud. In: Proceedings of the international conference on big data and smart computing. IEEE, pp 251–256

  126. Balamurugan V, Saravanan R (2019) Enhanced intrusion detection and prevention system on cloud environment using hybrid classification and OTS generation. Clust Comput 22(6):13027–13039

    Google Scholar 

  127. Rakotondravony N, Taubmann B, Mandarawi W, Weishäupl E, Xu P, Kolosnjaji B, Reiser HP (2017) Classifying malware attacks in IaaS cloud environments. J Cloud Comput 6(1):26

    Google Scholar 

  128. Alsirhani A, Sampalli S, Bodorik P (2018) DDoS attack detection system: utilizing classification algorithms with Apache spark. In: Proceedings of the 9th IFIP international conference on new technologies, mobility and security. IEEE, pp 1–7

  129. Jia B, Huang X, Liu R, Ma Y (2017) A DDoS attack detection method based on hybrid heterogeneous multiclassifier ensemble learning. J Electr Comput Eng 2017:9

    Google Scholar 

  130. Mahmood HA (2018) Network intrusion detection system (NIDS) in cloud environment based on hidden Naïve Bayes multiclass classifier. Al-Mustansiriyah J Sci 28(2):134–142

    Google Scholar 

  131. Garg S, Kaur K, Kumar N, Batra S, Obaidat MS (2018) HyClass: hybrid classification model for anomaly detection in cloud environment. In: Proceedings of the international conference on communications. IEEE, pp 1–7

  132. Rajendran R, Kumar SS, Palanichamy Y, Arputharaj K (2019) Detection of DoS attacks in cloud networks using intelligent rule based classification system. Clust Comput 22(1):423–434

    Google Scholar 

  133. Alsirhani A, Sampalli S, Bodorik P (2019) DDoS detection system: using a set of classification algorithms controlled by fuzzy logic system in apache spark. IEEE Trans Netw Serv Manag 16(3):936–949

    Google Scholar 

  134. Aldribi A, Traoré I, Moa B, Nwamuo O (2020) Hypervisor-based cloud intrusion detection through online multivariate statistical change tracking. Comput Secur 88:101646

    Google Scholar 

  135. Aborujilah A, Musa S (2017) Cloud-based DDoS HTTP attack detection using covariance matrix approach. J Comput Netw Commun 2017:0140–3664

    Google Scholar 

  136. Al-Hawawreh MS (2017) SYN flood attack detection in cloud environment based on TCP/IP header statistical features. In: Proceedings of the 8th international conference on information technology. IEEE, pp 236–243

  137. Pandey VC, Peddoju SK, Deshpande PS (2018) A statistical and distributed packet filter against DDoS attacks in Cloud environment. Sādhanā 43(3):32

    Google Scholar 

  138. Kholidy HA (2019) Correlation-based sequence alignment models for detecting masquerades in cloud computing. IET Inf Secur 14(1):39–50

    Google Scholar 

  139. Ivannikova E, Zolotukhin M, Hämäläinen T (2017) Probabilistic transition-based approach for detecting application-layer DDOS attacks in encrypted software-defined networks. In: International conference on network and system security. Springer, Cham, pp 531–543

  140. Devi BK, Subbulakshmi T (2019) Cloud-based DDoS attack detection and defence system using statistical approach. Int J Inf Comput Secur 11(4–5):447–475

    Google Scholar 

  141. Mollah MB, Azad MdAK, Vasliakos A (2017) Security and privacy challenges in mobile cloud computing: Survey and way ahead. J Netw Comput Appl 84:38–54

    Google Scholar 

  142. Basu S, Bardhan A, Gupta K, Saha P, Pal M, Bose M, Sarkar P (2018) Cloud computing security challenges and solutions—a survey. In: Proceedings of the 8th annual computing and communication workshop and conference, pp 347–356

  143. Tank D, Aggarwal A, Chaubey N (2019) Virtualization vulnerabilities, security issues, and solutions: a critical study and comparison. Int J Inf Technol. https://doi.org/10.1007/s41870-019-00294-x

    Article  Google Scholar 

  144. Akshaya JMS, Padmavathi G (2019) Taxonomy of security attacks and risk assessment of cloud computing. In: Advances in big data and cloud computing. Springer, Singapore, pp 37–59

  145. Maroc S, Zhang J (2019) Comparative analysis of cloud security classifications, taxonomies, and ontologies. In: Proceedings of the international conference on artificial intelligence and computer science, pp 666–672

  146. Singh KP, Rishiwal V, Kumar P (2018) Classification of data to enhance data security in cloud computing. In: Proceedings of the 3rd international conference on internet of things: smart innovation and usages, pp 1–5

  147. Almutairy NM, Al-Shqeerat KHA, Al Hamad HA (2019) A taxonomy of virtualization security issues in cloud computing environments. Indian J Sci Technol 12(3):1–19

    Google Scholar 

  148. Hussain SA, Fatima M, Saeed A, Raza I, Shahzad RK (2017) Multilevel classification of security concerns in cloud computing. Appl Comput Inf 13(1):57–65

    Google Scholar 

  149. Singh A, Chatterjee K (2017) Cloud security issues and challenges: a survey. J Netw Comput Appl 79:88–115

    Google Scholar 

  150. El Kafhali S, Salah K (2017) Efficient and dynamic scaling of fog nodes for IoT devices. J Supercomput 73(12):5261–5284

    Google Scholar 

  151. Zhang D, Haider F, St-Hilaire M, Makaya C (2019) Model and algorithms for the planning of fog computing networks. IEEE Internet Things J 6(2):3873–3884

    Google Scholar 

  152. Chenthara S, Ahmed K, Wang H, Whittaker F (2019) Security and privacy-preserving challenges of e-Health solutions in cloud computing. IEEE access 7:74361–74382

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Sciences and Techniques, Computer, Networks, Mobility and Modeling Laboratory: IR2M, Hassan First University of Settat, 26000, Settat, Morocco

    Said El Kafhali & Mohamed Hanini

  2. Advanced Science and Technologies Laboratory, Computer Sciences Department, Polydisciplinary Faculty, Abdelmalek Essaadi University, Larache, Morocco

    Iman El Mir

Authors
  1. Said El Kafhali
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Iman El Mir
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohamed Hanini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Said El Kafhali.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

El Kafhali, S., El Mir, I. & Hanini, M. Security Threats, Defense Mechanisms, Challenges, and Future Directions in Cloud Computing. Arch Computat Methods Eng 29, 223–246 (2022). https://doi.org/10.1007/s11831-021-09573-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11831-021-09573-y

Search

Navigation