
On some artificial intelligence methods and technologies for cloud-computing protection

  • A. A. Grusho
  • M. I. Zabezhailo
  • A. A. Zatsarinnyi
  • V. O. Piskovskii
General Section

Abstract

An overview of data-mining technologies used in applied information security systems is presented. The focus is on a new and actively developing trend, cloud-computing media (including so-called fog computing). The status and promising opportunities of using artificial intelligence models and methods to solve information security problems are also discussed.

Keywords

artificial intelligence; data mining; cloud computing; information security; mathematical models and methods



Copyright information

© Allerton Press, Inc. 2017

Authors and Affiliations

  • A. A. Grusho (1)
  • M. I. Zabezhailo (1)
  • A. A. Zatsarinnyi (1)
  • V. O. Piskovskii (2)

  1. Federal Research Center Informatics and Control, Russian Academy of Sciences, Moscow, Russia
  2. Applied Research Center for Computer Networks, Moscow, Russia
