On cloud security attacks: A taxonomy and intrusion detection and prevention as a service

Salman Iqbal, Miss Laiha Mat Kiah, Babak Dhaghighi, Muzammil Hussain, Suleman Khan, Muhammad Khurram Khan, Kim-Kwang Raymond Choo

Research output: Contribution to journalReview articlepeer-review

115 Citations (Scopus)

Abstract

Major provisioning of cloud computing is mainly delivered via Software as a Service, Platform as a Service and Infrastructure as a Service. However, these service delivery models are vulnerable to a range of security attacks, exploiting both cloud specific and existing web service vulnerabilities. Taxonomies are a useful tool for system designers as they provide a systematic way of understanding, identifying and addressing security risks. In this research work, Cloud based attacks and vulnerabilities are collected and classify with respect to their cloud models. We also present taxonomy of cloud security attacks and potential mitigation strategies with the aim of providing an in-depth understanding of security requirements in the cloud environment. We also highlight the importance of intrusion detection and prevention as a service.
Original languageEnglish
Pages (from-to)98-120
Number of pages23
JournalJournal of Network and Computer Applications
Volume74
Early online date16 Aug 2016
DOIs
Publication statusPublished - Oct 2016

Fingerprint

Dive into the research topics of 'On cloud security attacks: A taxonomy and intrusion detection and prevention as a service'. Together they form a unique fingerprint.

Cite this