SlideShare ist ein Scribd-Unternehmen logo

Ea33762765

IJERA Editor
IJERA Editor

International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.

TechnologieBusiness
1 von 4
Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 762 | P a g e Focus on Nefarious Behavior threats in Cloud Srinivas Naik*, Rajesh Adepu** *(Department of Computer Science, Princeton College of Engineering, Hyderabad- 501 301) ** (Department of Computer Science, Princeton College of Engineering, Hyderabad – 501 301) ABSTRACT Computing over cloud is emerging into internet space with virtual platform based applications and attracting users with its effortless deployments. This enhanced features of cloud computing has withdrawn attention of intruders and has made prone to threats due to which it has lead to security concerns. As more services migrate to cloud architecture the cloud will become a more appealing target for cyber criminals. This journal discusses current threats to cloud computing as well as summarizing the currently available detection systems for malware in the cloud. Keywords – Cloud threats, Malware, Security, Threat Detection, INTRODUCTION Cloud Computing is emerging as the de facto service model for modern enterprises. Cloud Services such as Apple’s iCloud, and established products, such as Dropbox, have proven that remote storage and seamless access to data across multiple devices are popular features among consumers. In the future we will see an increase in the reliance of cloud computing as more and more consumers move to mobile platforms for their computing needs. Cloud technologies are made possible through the use of virtualization in order to share physical server resources between multiple virtual machines (VMs) and resources as in FIG 1. The advantages of this approach include an increase in the number of clients that can be serviced per physical server and the ability to provide infrastructure as a service (IaaS). Fig 1 Disadvantages include a more complex software stack and a relatively small understanding of security issues. The security issues of regular operating systems (OSs) are well known due to decades of testing and experience in this area. Security breaches now commonly occur at the application level and are less commonly due to a flaw in the OS itself. Exceptions to this are usually due to the inclusion of new features into an OS kernel either to provide new functionality or to support new hardware. Virtualisation is not only subject to the security issues of applications and operating systems, but also introduces new security issues that are not as well understood, such as the sharing of hardware resources between VMs. Clouds themselves are composed of a number of virtualized environments which are networked together. The compact topology of this network and the high probability of relative homogeneity across VMs create an ideal environment for rapid malware propagation. Protecting against malware in the cloud therefore requires a certain level of coordination between virtualized environments if threats are to be reliably detected and dealt with. In this journal we review previous work on malware detection, both conventional and in the presence of virtualization in order to determine the best approach for detection in the cloud. We also argue the benefits of distributing detection throughout the cloud and present a novel approach to coordinating detection across the cloud. Below phases provides background to the research area, specifically: cloud technologies, security in the cloud, malware detection and detection in the cloud. Further phase will focuses on malware detection at the hypervisor level and introduces our work in this area. BACKGROUND A. Cloud Technologies Cloud computing is an umbrella term for services that offer offsite computing and storage. There are three main types of cloud computing: software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS). Not all of these require virtualisation, SaaS for example could be implemented as a typical client/server service, but virtualisation allows hardware to be better utilised and enables the infrastructure itself to be hired out, as is the case in IaaS.
Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 763 | P a g e There are various implementations of virtualisation, but they areall built on the concept of virtual machines (VMs). The VMs exist as a virtual computer system and each have their own operating system (OS) and applications. The VMs are managed by a virtual machine monitor (VMM), which is sometimes referred to as a hypervisor. Virtualization products such as VM Ware ESXi, Xen Hypervisor, KVM Hypervisor, etc are examples of bare-metal hypervisors. Another form of virtualization exists at application level within an OS, known as hosted hypervisors. Basically referring it as type-I and type-II hypervisors respectively. Type-I hypervisors are focused in this journal due to their use for cloud services. The cloud itself is usually composed of many physical server machines, or hardware nodes. These nodes each have their own VMM hosting some VMs. There are a number of reasons for having multiple hardware nodes, the first being limited resources. It is important not to run too many VMs on a single hardware node because of the limited size of RAM and disk space available. With more than one physical machine it is possible to load balance based on CPU, RAM or network utilisation. Another reason for multiple hardware nodes is redundancy. If a fault is detected on a server the VMs can be migrated to another server before it goes down. This is achieved in the same way as load balancing, but solves a slightly different problem. B. Security in the Cloud Previous work on cloud security has suggested that there are a number of security issues associated with cloud computing. Below are the following threats to cloud computing: Threat 1: Data Breaches Threat 2: Data Loss or Leakage Threat 3: Account or Service Hijacking Threat 4: Insecure Interfaces and APIs Threat 5: Denial of Service Threat 6: Malicious Insiders Threat 7:Abuse and wicked Use of Cloud Computing Threat 8: Unknown Security Profile Threat 9: Shared Technology Issues Of these, threats 3, 4 and 9 are directly related to malware. Account and Service Hijacking can be targeted by XSS malware for example to perform unauthorized activities. Insecure Interfaces and APIs would allow malware running on one VM to execute code or access data on another VM. Shared Technology Issues include the sharing of physical memory between multiple VMs. This could lead to a new form of worm that, instead of spreading via networks, could spread by writing to the memory owned by another VM. This kind of propagation would be unique to virtualized environments. Few Threats could be indirectly related to malware, for example in the deployment of malware by malicious individuals. Few vulnerabilities fall into Denial of Service (Threat 5) when a specific input gets triggered. Malicious Insiders (Threat 6) is a similar threat, but instead of being customers the malicious individuals are instead employees of the cloud providers. Abuse and Nefarious Use of Cloud Computing (Threat 7) is possible due to the relative anonymity of cloud subscription. Malicious organizations could use cloud space as a platform to launch attacks. Account Hijacking (Threat 3) is a common threat throughout the Internet and would allow malicious individuals to perform similar actions to threats 1 and 4. Threats 2 and 8 are not related to malware and are concerned with data loss, which is a natural occurance in computer systems, and the opacity that is inherent in the cloud. Data Loss or Leakage is exacerbated in virtualised environments because the system as a whole is more complicated than a single OS computer system. Unknown Security Profile is in contrast to in-house servers where the implementation of data storage and networking is known. A customer has no guarantee that the security measures promised by a cloud provider are actually in place; there is a level of opacity that is not an issue in alternatives to the cloud. The below table briefs the level of relevance of existing threats (2013-Q1) Threat Description Current Relevance (%) Data Breaches 91 Data Loss or Leakage 91 AccountorService Hijacking 87 Insecure Interfaces and APIs 90 Denial of Service 81 Malicious Insiders 88 Abuse and wicked Use of Cloud Computing 84 Unknown Security Profile 81 Shared Technology Issues 82 Table. 1 TABLE 1 explores the relevance of threats that has been studied in current quarter. When using software, especially complex software, there is always a risk of an improper implementation or configuration, more so than when using hardware for the same task. Take for example a simple server. The remotely exploitable vulnerabilities are confined to the OS and application software. The same server implemented as a VM is subject to the vulnerabilities of the VMM, OS and applications. It can therefore be assumed that hardware sharing under the management of software is inherently less secure than distinctly separate machines. C. Malware Detection
Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 764 | P a g e Malware detection has been an important issue in computing since the late ’80s. Since then the predominant method of malware detection is to scan a computer system for infection by matching malware signatures to files on the computer. Although detection of known samples is extremely reliable, signature based detection only works for malware that has been obtained, analyzed and a suitable signature identified. It has to be understood that signature based detection can be thwarted by analysing the malware instructions and identifying the instructions that comprise the signature. By altering this specific portion of code it is possible to evade detection; in effect the process takes a known sample and converts it into an unknown sample. Another downside to signature based detection is the maintenance of the signature database. With the constant evolution of malware and the polymorphic nature of many samples it has become necessary to drop old samples from databases. If this practice continues malware samples which have already been identified will become undetectable and will once again become useful to cyber criminals. Other malware detection techniques are available in order to overcome the problems of obfuscation and polymorphism. Instead of scanning for matching signatures it is possible to analyze the behavior of a malware sample and base detection on observation of running processes. There are a variety of ways this could be achieved. One approach is to monitor the process names themselves. Unfamiliar or uncommon processes can be assumed to be malicious until further information can be obtained. Another approach is to base detection on the behavior of the process itself. If a process begins executing instructions that match the behavior of a known malware sample then that process can be considered harmful. Similar techniques can be applied to the monitoring of network activity. If certain addresses or port numbers, or some other features, are present in the traffic directed towards or away from the computer system it can be assumed that malware is either targeting the system or is already running within the system. The downside to both signature and behavior-based detection is that they occur within the OS itself. This gives malware the opportunity to alter the information that is provided to the detection software by the OS. If, for example, the security software polls the OS for a list of running processes it is possible that malware can alter this list so that the malware process itself is not present in the list. The detection software will then have no knowledge of the malware process and the malware will have escaped detection. This behavior is usually associated with rootkits, but could be employed by any malware. To combat, AntiMalware organization offers sandboxing products available in the market. Non-OS processes can be encapsulated in a safe execution environment that monitors for malware using both behaviour-based and signature-based detection. There is, however, no guarantee that malware has not infected the OS prior to installation of the detection software, or that infection could occur due to processes running outside of the sandbox. As long as the detection software exists in the same execution environment as other processes, including malware processes, there is an opportunity for subversion. A better approach would be to perform the detection from outside looking in. D. Detection in the Cloud As mentioned in the previous subsection, detection would be best achieved from outside of the OS. This is possible in clouds because they are built on virtualisation which encapsulates each OS in its own VM. Detection is now possible by executing detection software in a privileged domain within the virtualization environment. There needs to be further step in providing libraries to create monitoring softwares through VM introspection. Detection in the cloud not only enables introspection, it could also improve the reliability of statistics based approaches. Behavioural and anomaly detection techniques are built on statistical analysis and are subject to a level of uncertainty. In an isolated computer system this uncertainty cannot be improved upon because access to additional information is not possible. Detection at the hypervisor level, however, can combine the data from many VMs which has the potential to reduce uncertainty and false positives in any results. Although the solutions for malware detection discussed so far seem promising there is another security risk that is unique to the cloud. The compact network topology of clouds coupled with the likelihood of homogeneous software deployment could allow rapidly propagating malware, such as worms, to propagate even faster and with an increased success rate. This indicates that coordination across the cloud is an important consideration. Not only would a certain level of communication between detection software CONCLUSION In this journal we summarized the security issues facing cloud Computing. It was determined that as well as conventional attack vectors, which are present in operating systems, virtualization also introduces new opportunities for malware writers. These are due to the sharing of physical resources through software mechanisms, which if implemented incorrectly would allow malware to access the memory in other VMs. This could lead to new forms of malware that spread in a worm-
Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 765 | P a g e like way by writing to memory instead of spreading via the network. REFERENCES Journal Papers: [1] Krešimir Popović, Željko Hocenski, “Cloud computing security issues and challenges” Proc. MIPRO 2010, May 24- 28, 2010, Opatija, Croatia. [2] A. Moser, C. Kruegel, and E. Kirda, “Exploring multiple execution paths for malware analysis,” in Security and Privacy, 2007. SP’07. IEEE Symposium on, 2007, pp. 231–245 [3] Shivlal Mewada, Umesh Kumar Singh, Pradeep Sharma, “Security Based Model for Cloud Computing”, IRACST– International Journal of Computer Networks and Wireless Communications (IJCNWC), Vol. 1, No. 1, pp(13-19), December 2011 Proceedings Papers: [4] U. Gurav and R. Shaikh, “Virtualization: a key feature of cloud computing,” in Proceedings of the International Conference and Workshop on Emerging Trends in Technology, 2010, pp. 227–229 [5] A. Dinaburg, P. Royal, M. Sharif, and W. Lee, “Ether: malware analysis via hardware virtualization extensions,” in Proceedings of the 15th ACM conference on Computer and communications security, 2008, pp. 51–62W.J. Book, Modelling design and control of flexible manipulator arms: A tutorial review, Proc. 29th IEEE Conf. on Decision and Control, San Francisco, CA, 1990, 500-506. [6] Meiko Jensen, J¨org Schwenk, Nils Gruschka, Luigi Lo Iacono “ On Technical Security Issues in Cloud Computing” 2009 IEEE International Conference on Cloud Computing

Empfohlen

IRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET Journal
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...IAEME Publication
 
Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...SubmissionResearchpa
 
IRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET- Security Attacks Detection in Cloud using Machine Learning AlgorithmsIRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET- Security Attacks Detection in Cloud using Machine Learning AlgorithmsIRJET Journal
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionUvaraj Shan
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...IJIR JOURNALS IJIRUSA
 

Empfohlen

IRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET Journal
 
Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...Investigative analysis of security issues and challenges in cloud computing a...
Investigative analysis of security issues and challenges in cloud computing a...IAEME Publication
 
Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...Cloud technology to ensure the protection of fundamental methods and use of i...
Cloud technology to ensure the protection of fundamental methods and use of i...SubmissionResearchpa
 
IRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET- Security Attacks Detection in Cloud using Machine Learning AlgorithmsIRJET- Security Attacks Detection in Cloud using Machine Learning Algorithms
IRJET- Security Attacks Detection in Cloud using Machine Learning AlgorithmsIRJET Journal
 
A Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingA Comparative Review on Data Security Challenges in Cloud Computing
A Comparative Review on Data Security Challenges in Cloud ComputingIRJET Journal
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionUvaraj Shan
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...IJIR JOURNALS IJIRUSA
 
Advance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsAdvance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsIRJET Journal
 
Ijaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderIjaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderijaprr_editor
 
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentSVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentIJTET Journal
 
Cloud computing final show
Cloud computing final showCloud computing final show
Cloud computing final showahmad abdelhafeez
 
Cloud servers-new-risk-considerations
Cloud servers-new-risk-considerationsCloud servers-new-risk-considerations
Cloud servers-new-risk-considerationsAccenture
 
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...Deenuji Loganathan
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta swet4
 
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKSSECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKSIAEME Publication
 
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi VerzeNebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi VerzeTUESDAY Business Network
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
 
Microsoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server DatasheetMicrosoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server DatasheetMicrosoft Private Cloud
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
IRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud ComputingIRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud ComputingIRJET Journal
 
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...theijes
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingAshish Patel
 
(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013STO STRATEGY
 
Bh33345348
Bh33345348Bh33345348
Bh33345348IJERA Editor
 
Dq33705710
Dq33705710Dq33705710
Dq33705710IJERA Editor
 
Fk33964970
Fk33964970Fk33964970
Fk33964970IJERA Editor
 
Ev33889894
Ev33889894Ev33889894
Ev33889894IJERA Editor
 

Weitere ähnliche Inhalte

Was ist angesagt?

Advance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsAdvance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsIRJET Journal
 
Ijaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderIjaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderijaprr_editor
 
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentSVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentIJTET Journal
 
Cloud servers-new-risk-considerations
Cloud servers-new-risk-considerationsCloud servers-new-risk-considerations
Cloud servers-new-risk-considerationsAccenture
 
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...Deenuji Loganathan
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta swet4
 
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKSSECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKSIAEME Publication
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
 
Microsoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server DatasheetMicrosoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server DatasheetMicrosoft Private Cloud
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
IRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud ComputingIRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud ComputingIRJET Journal
 
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2JD Sherry
 
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...theijes
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud ComputingAshish Patel
 
(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013STO STRATEGY
 

Was ist angesagt? (18)

Advance security in cloud computing for military weapons
Advance security in cloud computing for military weaponsAdvance security in cloud computing for military weapons
Advance security in cloud computing for military weapons
 
Ijaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderIjaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinder
 
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentSVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
 
Cloud computing final show
Cloud computing final showCloud computing final show
Cloud computing final show
 
Cloud servers-new-risk-considerations
Cloud servers-new-risk-considerationsCloud servers-new-risk-considerations
Cloud servers-new-risk-considerations
 
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO...
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta
 
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKSSECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
SECURITY CONCERNS IN WIRELESS SENSOR NETWORKS
 
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi VerzeNebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
 
A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...A review of security attacks and intrusion detection schemes in wireless sens...
A review of security attacks and intrusion detection schemes in wireless sens...
 
Microsoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server DatasheetMicrosoft Forefront - Security for Communications Server Datasheet
Microsoft Forefront - Security for Communications Server Datasheet
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
IRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud ComputingIRJET- Survey on Security Threats and Remedies in Cloud Computing
IRJET- Survey on Security Threats and Remedies in Cloud Computing
 
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
 
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
Novel Advances in Measuring and Preventing Software Security Weakness: Contin...
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013(Pdf) yury chemerkin _i-society_2013
(Pdf) yury chemerkin _i-society_2013
 

Andere mochten auch

Intervencoes do trabalho social
Intervencoes do trabalho socialIntervencoes do trabalho social
Intervencoes do trabalho socialisaias tafulane
 

Andere mochten auch (20)

Bh33345348
Bh33345348Bh33345348
Bh33345348
 
Dq33705710
Dq33705710Dq33705710
Dq33705710
 
Fk33964970
Fk33964970Fk33964970
Fk33964970
 
Ev33889894
Ev33889894Ev33889894
Ev33889894
 
Eu33884888
Eu33884888Eu33884888
Eu33884888
 
Eq33857862
Eq33857862Eq33857862
Eq33857862
 
Intervencoes do trabalho social
Intervencoes do trabalho socialIntervencoes do trabalho social
Intervencoes do trabalho social
 
Fj3110731078
Fj3110731078Fj3110731078
Fj3110731078
 
Fq3111191124
Fq3111191124Fq3111191124
Fq3111191124
 
Fk3110791084
Fk3110791084Fk3110791084
Fk3110791084
 
He3113871392
He3113871392He3113871392
He3113871392
 
Ak34224227
Ak34224227Ak34224227
Ak34224227
 
Bu34437441
Bu34437441Bu34437441
Bu34437441
 
Y34147151
Y34147151Y34147151
Y34147151
 
Hd3312521256
Hd3312521256Hd3312521256
Hd3312521256
 
El33827831
El33827831El33827831
El33827831
 
Ed33777782
Ed33777782Ed33777782
Ed33777782
 
Gr3311701176
Gr3311701176Gr3311701176
Gr3311701176
 
Gw3312111217
Gw3312111217Gw3312111217
Gw3312111217
 
Ef33787793
Ef33787793Ef33787793
Ef33787793
 

Ähnlich wie Ea33762765

A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud EnvironmentsA Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environmentsmlaij
 
Cloud computing challenges and solutions
Cloud computing challenges and solutionsCloud computing challenges and solutions
Cloud computing challenges and solutionsIJCNCJournal
 
Ijaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderIjaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderijaprr
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTUREacijjournal
 
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
 
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudA Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudIOSR Journals
 
Securing Cloud from Cloud Drain
Securing Cloud from Cloud DrainSecuring Cloud from Cloud Drain
Securing Cloud from Cloud DrainEswar Publications
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computingSuranga Nisiwasala
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET Journal
 
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET Journal
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunalKashyap Kunal
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...csandit
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 
Iaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd Iaetsd
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxmccormicknadine86
 

Ähnlich wie Ea33762765 (20)

A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud EnvironmentsA Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environments
 
Cloud computing challenges and solutions
Cloud computing challenges and solutionsCloud computing challenges and solutions
Cloud computing challenges and solutions
 
Ijaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinderIjaprr vol1-1-1-5dr tejinder
Ijaprr vol1-1-1-5dr tejinder
 
SECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURESECURE CLOUD ARCHITECTURE
SECURE CLOUD ARCHITECTURE
 
Security of the Data Secure the Data SASE, CNAPP and CSMA functions
Security of the Data Secure the Data SASE, CNAPP and CSMA functionsSecurity of the Data Secure the Data SASE, CNAPP and CSMA functions
Security of the Data Secure the Data SASE, CNAPP and CSMA functions
 
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud ComputingChallenges and Mechanisms for Securing Data in Mobile Cloud Computing
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing
 
Vertualisation
VertualisationVertualisation
Vertualisation
 
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in CloudA Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
A Detailed Analysis of the Issues and Solutions for Securing Data in Cloud
 
Securing Cloud from Cloud Drain
Securing Cloud from Cloud DrainSecuring Cloud from Cloud Drain
Securing Cloud from Cloud Drain
 
Literature Review: Security on cloud computing
Literature Review: Security on cloud computingLiterature Review: Security on cloud computing
Literature Review: Security on cloud computing
 
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud ComputingIRJET- Detection and Isolation of Zombie Attack under Cloud Computing
IRJET- Detection and Isolation of Zombie Attack under Cloud Computing
 
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud StorehouseIRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
IRJET- An Effective Protection on Content based Retrieval in Cloud Storehouse
 
Security in cloud computing kashyap kunal
Security in cloud computing kashyap kunalSecurity in cloud computing kashyap kunal
Security in cloud computing kashyap kunal
 
Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...Design and implement a new cloud security method based on multi clouds on ope...
Design and implement a new cloud security method based on multi clouds on ope...
 
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 
Project 3
Project 3Project 3
Project 3
 
Iaetsd cloud computing and security challenges
Iaetsd cloud computing and security challengesIaetsd cloud computing and security challenges
Iaetsd cloud computing and security challenges
 
CMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docxCMST&210 Pillow talk Position 1 Why do you think you may.docx
CMST&210 Pillow talk Position 1 Why do you think you may.docx
 
N017259396
N017259396N017259396
N017259396
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Ea33762765

  • 1. Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 762 | P a g e Focus on Nefarious Behavior threats in Cloud Srinivas Naik*, Rajesh Adepu** *(Department of Computer Science, Princeton College of Engineering, Hyderabad- 501 301) ** (Department of Computer Science, Princeton College of Engineering, Hyderabad – 501 301) ABSTRACT Computing over cloud is emerging into internet space with virtual platform based applications and attracting users with its effortless deployments. This enhanced features of cloud computing has withdrawn attention of intruders and has made prone to threats due to which it has lead to security concerns. As more services migrate to cloud architecture the cloud will become a more appealing target for cyber criminals. This journal discusses current threats to cloud computing as well as summarizing the currently available detection systems for malware in the cloud. Keywords – Cloud threats, Malware, Security, Threat Detection, INTRODUCTION Cloud Computing is emerging as the de facto service model for modern enterprises. Cloud Services such as Apple’s iCloud, and established products, such as Dropbox, have proven that remote storage and seamless access to data across multiple devices are popular features among consumers. In the future we will see an increase in the reliance of cloud computing as more and more consumers move to mobile platforms for their computing needs. Cloud technologies are made possible through the use of virtualization in order to share physical server resources between multiple virtual machines (VMs) and resources as in FIG 1. The advantages of this approach include an increase in the number of clients that can be serviced per physical server and the ability to provide infrastructure as a service (IaaS). Fig 1 Disadvantages include a more complex software stack and a relatively small understanding of security issues. The security issues of regular operating systems (OSs) are well known due to decades of testing and experience in this area. Security breaches now commonly occur at the application level and are less commonly due to a flaw in the OS itself. Exceptions to this are usually due to the inclusion of new features into an OS kernel either to provide new functionality or to support new hardware. Virtualisation is not only subject to the security issues of applications and operating systems, but also introduces new security issues that are not as well understood, such as the sharing of hardware resources between VMs. Clouds themselves are composed of a number of virtualized environments which are networked together. The compact topology of this network and the high probability of relative homogeneity across VMs create an ideal environment for rapid malware propagation. Protecting against malware in the cloud therefore requires a certain level of coordination between virtualized environments if threats are to be reliably detected and dealt with. In this journal we review previous work on malware detection, both conventional and in the presence of virtualization in order to determine the best approach for detection in the cloud. We also argue the benefits of distributing detection throughout the cloud and present a novel approach to coordinating detection across the cloud. Below phases provides background to the research area, specifically: cloud technologies, security in the cloud, malware detection and detection in the cloud. Further phase will focuses on malware detection at the hypervisor level and introduces our work in this area. BACKGROUND A. Cloud Technologies Cloud computing is an umbrella term for services that offer offsite computing and storage. There are three main types of cloud computing: software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS). Not all of these require virtualisation, SaaS for example could be implemented as a typical client/server service, but virtualisation allows hardware to be better utilised and enables the infrastructure itself to be hired out, as is the case in IaaS.
  • 2. Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 763 | P a g e There are various implementations of virtualisation, but they areall built on the concept of virtual machines (VMs). The VMs exist as a virtual computer system and each have their own operating system (OS) and applications. The VMs are managed by a virtual machine monitor (VMM), which is sometimes referred to as a hypervisor. Virtualization products such as VM Ware ESXi, Xen Hypervisor, KVM Hypervisor, etc are examples of bare-metal hypervisors. Another form of virtualization exists at application level within an OS, known as hosted hypervisors. Basically referring it as type-I and type-II hypervisors respectively. Type-I hypervisors are focused in this journal due to their use for cloud services. The cloud itself is usually composed of many physical server machines, or hardware nodes. These nodes each have their own VMM hosting some VMs. There are a number of reasons for having multiple hardware nodes, the first being limited resources. It is important not to run too many VMs on a single hardware node because of the limited size of RAM and disk space available. With more than one physical machine it is possible to load balance based on CPU, RAM or network utilisation. Another reason for multiple hardware nodes is redundancy. If a fault is detected on a server the VMs can be migrated to another server before it goes down. This is achieved in the same way as load balancing, but solves a slightly different problem. B. Security in the Cloud Previous work on cloud security has suggested that there are a number of security issues associated with cloud computing. Below are the following threats to cloud computing: Threat 1: Data Breaches Threat 2: Data Loss or Leakage Threat 3: Account or Service Hijacking Threat 4: Insecure Interfaces and APIs Threat 5: Denial of Service Threat 6: Malicious Insiders Threat 7:Abuse and wicked Use of Cloud Computing Threat 8: Unknown Security Profile Threat 9: Shared Technology Issues Of these, threats 3, 4 and 9 are directly related to malware. Account and Service Hijacking can be targeted by XSS malware for example to perform unauthorized activities. Insecure Interfaces and APIs would allow malware running on one VM to execute code or access data on another VM. Shared Technology Issues include the sharing of physical memory between multiple VMs. This could lead to a new form of worm that, instead of spreading via networks, could spread by writing to the memory owned by another VM. This kind of propagation would be unique to virtualized environments. Few Threats could be indirectly related to malware, for example in the deployment of malware by malicious individuals. Few vulnerabilities fall into Denial of Service (Threat 5) when a specific input gets triggered. Malicious Insiders (Threat 6) is a similar threat, but instead of being customers the malicious individuals are instead employees of the cloud providers. Abuse and Nefarious Use of Cloud Computing (Threat 7) is possible due to the relative anonymity of cloud subscription. Malicious organizations could use cloud space as a platform to launch attacks. Account Hijacking (Threat 3) is a common threat throughout the Internet and would allow malicious individuals to perform similar actions to threats 1 and 4. Threats 2 and 8 are not related to malware and are concerned with data loss, which is a natural occurance in computer systems, and the opacity that is inherent in the cloud. Data Loss or Leakage is exacerbated in virtualised environments because the system as a whole is more complicated than a single OS computer system. Unknown Security Profile is in contrast to in-house servers where the implementation of data storage and networking is known. A customer has no guarantee that the security measures promised by a cloud provider are actually in place; there is a level of opacity that is not an issue in alternatives to the cloud. The below table briefs the level of relevance of existing threats (2013-Q1) Threat Description Current Relevance (%) Data Breaches 91 Data Loss or Leakage 91 AccountorService Hijacking 87 Insecure Interfaces and APIs 90 Denial of Service 81 Malicious Insiders 88 Abuse and wicked Use of Cloud Computing 84 Unknown Security Profile 81 Shared Technology Issues 82 Table. 1 TABLE 1 explores the relevance of threats that has been studied in current quarter. When using software, especially complex software, there is always a risk of an improper implementation or configuration, more so than when using hardware for the same task. Take for example a simple server. The remotely exploitable vulnerabilities are confined to the OS and application software. The same server implemented as a VM is subject to the vulnerabilities of the VMM, OS and applications. It can therefore be assumed that hardware sharing under the management of software is inherently less secure than distinctly separate machines. C. Malware Detection
  • 3. Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 764 | P a g e Malware detection has been an important issue in computing since the late ’80s. Since then the predominant method of malware detection is to scan a computer system for infection by matching malware signatures to files on the computer. Although detection of known samples is extremely reliable, signature based detection only works for malware that has been obtained, analyzed and a suitable signature identified. It has to be understood that signature based detection can be thwarted by analysing the malware instructions and identifying the instructions that comprise the signature. By altering this specific portion of code it is possible to evade detection; in effect the process takes a known sample and converts it into an unknown sample. Another downside to signature based detection is the maintenance of the signature database. With the constant evolution of malware and the polymorphic nature of many samples it has become necessary to drop old samples from databases. If this practice continues malware samples which have already been identified will become undetectable and will once again become useful to cyber criminals. Other malware detection techniques are available in order to overcome the problems of obfuscation and polymorphism. Instead of scanning for matching signatures it is possible to analyze the behavior of a malware sample and base detection on observation of running processes. There are a variety of ways this could be achieved. One approach is to monitor the process names themselves. Unfamiliar or uncommon processes can be assumed to be malicious until further information can be obtained. Another approach is to base detection on the behavior of the process itself. If a process begins executing instructions that match the behavior of a known malware sample then that process can be considered harmful. Similar techniques can be applied to the monitoring of network activity. If certain addresses or port numbers, or some other features, are present in the traffic directed towards or away from the computer system it can be assumed that malware is either targeting the system or is already running within the system. The downside to both signature and behavior-based detection is that they occur within the OS itself. This gives malware the opportunity to alter the information that is provided to the detection software by the OS. If, for example, the security software polls the OS for a list of running processes it is possible that malware can alter this list so that the malware process itself is not present in the list. The detection software will then have no knowledge of the malware process and the malware will have escaped detection. This behavior is usually associated with rootkits, but could be employed by any malware. To combat, AntiMalware organization offers sandboxing products available in the market. Non-OS processes can be encapsulated in a safe execution environment that monitors for malware using both behaviour-based and signature-based detection. There is, however, no guarantee that malware has not infected the OS prior to installation of the detection software, or that infection could occur due to processes running outside of the sandbox. As long as the detection software exists in the same execution environment as other processes, including malware processes, there is an opportunity for subversion. A better approach would be to perform the detection from outside looking in. D. Detection in the Cloud As mentioned in the previous subsection, detection would be best achieved from outside of the OS. This is possible in clouds because they are built on virtualisation which encapsulates each OS in its own VM. Detection is now possible by executing detection software in a privileged domain within the virtualization environment. There needs to be further step in providing libraries to create monitoring softwares through VM introspection. Detection in the cloud not only enables introspection, it could also improve the reliability of statistics based approaches. Behavioural and anomaly detection techniques are built on statistical analysis and are subject to a level of uncertainty. In an isolated computer system this uncertainty cannot be improved upon because access to additional information is not possible. Detection at the hypervisor level, however, can combine the data from many VMs which has the potential to reduce uncertainty and false positives in any results. Although the solutions for malware detection discussed so far seem promising there is another security risk that is unique to the cloud. The compact network topology of clouds coupled with the likelihood of homogeneous software deployment could allow rapidly propagating malware, such as worms, to propagate even faster and with an increased success rate. This indicates that coordination across the cloud is an important consideration. Not only would a certain level of communication between detection software CONCLUSION In this journal we summarized the security issues facing cloud Computing. It was determined that as well as conventional attack vectors, which are present in operating systems, virtualization also introduces new opportunities for malware writers. These are due to the sharing of physical resources through software mechanisms, which if implemented incorrectly would allow malware to access the memory in other VMs. This could lead to new forms of malware that spread in a worm-
  • 4. Srinivas Naik, Rajesh Adepu / International Journal of Engineering Research and Applications (IJERA) ISSN: 2248-9622 www.ijera.com Vol. 3, Issue 3, May-Jun 2013, pp.762-765 765 | P a g e like way by writing to memory instead of spreading via the network. REFERENCES Journal Papers: [1] Krešimir Popović, Željko Hocenski, “Cloud computing security issues and challenges” Proc. MIPRO 2010, May 24- 28, 2010, Opatija, Croatia. [2] A. Moser, C. Kruegel, and E. Kirda, “Exploring multiple execution paths for malware analysis,” in Security and Privacy, 2007. SP’07. IEEE Symposium on, 2007, pp. 231–245 [3] Shivlal Mewada, Umesh Kumar Singh, Pradeep Sharma, “Security Based Model for Cloud Computing”, IRACST– International Journal of Computer Networks and Wireless Communications (IJCNWC), Vol. 1, No. 1, pp(13-19), December 2011 Proceedings Papers: [4] U. Gurav and R. Shaikh, “Virtualization: a key feature of cloud computing,” in Proceedings of the International Conference and Workshop on Emerging Trends in Technology, 2010, pp. 227–229 [5] A. Dinaburg, P. Royal, M. Sharif, and W. Lee, “Ether: malware analysis via hardware virtualization extensions,” in Proceedings of the 15th ACM conference on Computer and communications security, 2008, pp. 51–62W.J. Book, Modelling design and control of flexible manipulator arms: A tutorial review, Proc. 29th IEEE Conf. on Decision and Control, San Francisco, CA, 1990, 500-506. [6] Meiko Jensen, J¨org Schwenk, Nils Gruschka, Luigi Lo Iacono “ On Technical Security Issues in Cloud Computing” 2009 IEEE International Conference on Cloud Computing