TY - JOUR
T1 - On cloud security attacks
T2 - A taxonomy and intrusion detection and prevention as a service
AU - Iqbal, Salman
AU - Mat Kiah, Miss Laiha
AU - Dhaghighi, Babak
AU - Hussain, Muzammil
AU - Khan, Suleman
AU - Khan, Muhammad Khurram
AU - Raymond Choo, Kim-Kwang
PY - 2016/10
Y1 - 2016/10
N2 - Major provisioning of cloud computing is mainly delivered via Software as a Service, Platform as a Service and Infrastructure as a Service. However, these service delivery models are vulnerable to a range of security attacks, exploiting both cloud specific and existing web service vulnerabilities. Taxonomies are a useful tool for system designers as they provide a systematic way of understanding, identifying and addressing security risks. In this research work, Cloud based attacks and vulnerabilities are collected and classify with respect to their cloud models. We also present taxonomy of cloud security attacks and potential mitigation strategies with the aim of providing an in-depth understanding of security requirements in the cloud environment. We also highlight the importance of intrusion detection and prevention as a service.
AB - Major provisioning of cloud computing is mainly delivered via Software as a Service, Platform as a Service and Infrastructure as a Service. However, these service delivery models are vulnerable to a range of security attacks, exploiting both cloud specific and existing web service vulnerabilities. Taxonomies are a useful tool for system designers as they provide a systematic way of understanding, identifying and addressing security risks. In this research work, Cloud based attacks and vulnerabilities are collected and classify with respect to their cloud models. We also present taxonomy of cloud security attacks and potential mitigation strategies with the aim of providing an in-depth understanding of security requirements in the cloud environment. We also highlight the importance of intrusion detection and prevention as a service.
KW - Cloud computing
KW - Taxonomy
KW - Security attacks
KW - Intrusion detection
U2 - 10.1016/j.jnca.2016.08.016
DO - 10.1016/j.jnca.2016.08.016
M3 - Review article
SN - 1084-8045
VL - 74
SP - 98
EP - 120
JO - Journal of Network and Computer Applications
JF - Journal of Network and Computer Applications
ER -