Abstract
Cloud technologies and their applications are being implemented in various ICT infrastructures. Mitigating cyber threats in clouds is a hot topic today and is of scientific interest. The authors analyzed cyber threat detection methods and identified their disadvantages. Next, a model of a cloud service was proposed that makes it possible to ensure the cyber security of cloud services. An improved method for cyber threat detection has been developed; it detects cyber threats in cloud services and classifies them. The developed method was experimentally investigated using the NSL-KDD database as well as the simulation tools RStudio and CloudSim. The correctness of its operation was proved, as were the possibility of applying it in cloud services and an increase in the efficiency of cloud system security. A Cyber Incidents Response System has been developed that can be used to build cloud services based on various cloud computing architectures. It is significant because it can be an autonomous functional unit of a cyber incident response system or of other instrumental cybersecurity tools.
Acknowledgment
This research study was conducted with the support of research grant № AP06851243 “Methods, models and tools for security events and incidents management for detecting and preventing cyber attacks on critical infrastructures of digital economics” (2020–2022), funded by the Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Gnatyuk, S., Berdibayev, R., Smirnova, T., Avkurova, Z., Iavich, M. (2021). Cloud-Based Cyber Incidents Response System and Software Tools. In: Lopata, A., Gudonienė, D., Butkienė, R. (eds) Information and Software Technologies. ICIST 2021. Communications in Computer and Information Science, vol 1486. Springer, Cham. https://doi.org/10.1007/978-3-030-88304-1_14
DOI: https://doi.org/10.1007/978-3-030-88304-1_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-88303-4
Online ISBN: 978-3-030-88304-1
eBook Packages: Computer Science, Computer Science (R0)