Method for Cyber Threats Detection and Identification in Modern Cloud Services

  • Conference paper
Advances in Computer Science for Engineering and Education IV (ICCSEEA 2021)

Abstract

Today, cloud technologies and their applications are being implemented in various ICT infrastructures. This has led to increased attention to the problem of cyber threats, whose growth is inseparably linked with the growth of ICT. In this paper, existing models, systems and methods for cyber threat detection are analyzed to identify their disadvantages. A model of a cloud service has been developed; it makes it possible to ensure the security of a cloud service based on cloud computing and to conduct appropriate simulations. An improved method for cyber threat detection has been developed; it makes it possible to detect cyber threats in cloud services and classify them. The developed method was experimentally investigated using the NSL-KDD database and the simulation tools RStudio and CloudSim. The experiments proved the correctness of its operation and the possibility of applying it in cloud services, as well as an increase in the efficiency of cloud system security by 48.02%. In addition, a cloud service model has been developed that can be used to build cloud services based on various cloud computing architectures. In the future, based on the proposed method and model, appropriate tools for detecting and classifying cyber threats in cloud services can be developed. This is significant because it can serve as an autonomous functional unit of a SIEM as well as of other tools used by a CSIRT/SOC.

Correspondence to Sergiy Gnatyuk.

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Hu, Z., Gnatyuk, S., Akhmetov, B., Simakhin, V., Ospanova, D., Akatayev, N. (2021). Method for Cyber Threats Detection and Identification in Modern Cloud Services. In: Hu, Z., Petoukhov, S., Dychka, I., He, M. (eds) Advances in Computer Science for Engineering and Education IV. ICCSEEA 2021. Lecture Notes on Data Engineering and Communications Technologies, vol 83. Springer, Cham. https://doi.org/10.1007/978-3-030-80472-5_28
