Literature Search

The primary focus of the literature search is to research the latest trends in log-analysis-based cloud monitoring tools that also provide forensic capabilities. Below we list our analysis of the papers we read that contain information related to our topic. We have analyzed various available tools and techniques that perform log analysis on a cloud. The motive is to create a novel log-based private cloud analysis built with the help of the OpenStack cloud operating system. The paper ‘Cloud Computing Log Forensics- The new frontier’ talks about the complications that arise when forensics is applied to the cloud [1]. Since there is no one to one mapping in cloud and …
The paper proposes solutions to the aforementioned issues in a very detailed manner. The paper ‘Log file's centralization to improve cloud security’ proposes a centralized, secure and comprehensive architecture for log-based analysis on a cloud computing platform [3]. It suggests using the logs generated by the different activities performed in the cloud, defining policies for which log files should be kept and which must be transferred, and reporting attacks and threats based on the analysis of these logs. Algorithms like map-reduce are applied, which can report patterns that can lead to attacks based on comparison with stored values. The policies are then updated based on new findings made during the analysis of the log files. The paper ‘Event Correlation for Log Analysis in the Cloud’ proposes an approach for correlating different log-based events so that these logs can be segregated [4]. It uses an Infrastructure-as-a-Service (IaaS) platform like OpenStack and sets the correlation criteria through various correlation conditions such as Attribute-Based Correlation, Conjunctive Correlation, and Disjunctive Correlation. Once policies for correlating events are defined, association rule mining can be applied to the log data. Based on the mining, the events can be classified and clustered, which can later be used to detect attacks and abnormalities in the system. The paper ‘Secure logging
Cloud Forensics combines cloud computing and digital forensics. It is concerned with computer forensics with some consideration to network/intrusion forensics. Computer forensics focuses on using procedures to create audit trails based on the residing data. Network forensics focuses on analyzing network traffic and gathering information by monitoring that traffic to extract or collect information that might be considered possible evidence. Intrusion forensics is concerned with investigating possible intrusions to computers or networks [4] [5].
The scope of this memorandum is to develop a research project on the subject of cloud computing security and specifically the innovative ways developers are trying to secure data in the cloud. I will briefly describe the current cloud computing security structure and discuss measurement protocols that have been developed recently in order to test and measure the effectiveness of cloud security (Yesilyurt, et al.,
This section of the paper covers why we need cloud computing as a security control tool against cybercriminal activities and in how many ways it can be implemented. As we are living in a technical era, many aspects of our lives rely on the Internet and computers, including transportation, communications, government, medicine, finance and education. Consider how much of our personal information is stored either on our own computer or on someone else’s system.
Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available: Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts costs, it leaves the organization a victim of the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come
Threats endanger some essential security prerequisites in a cloud. These threats include large privacy breaches, data leakage and unapproved information access at various cloud layers. Cloud computing is an adaptable, practical, and demonstrated conveyance stage for giving business or buyer IT administrations over the Web. Cloud computing influences numerous innovations, and it additionally acquires their security issues, which we talk about here, recognizing the primary vulnerabilities in this sort of framework and the most imperative threats found in the writing identified with cloud computing and its surroundings, and also distinguishing and relating vulnerabilities and threats with conceivable arrangements.
When computer services are offered physically, users have access to the resources that computers use. The services include network, storage and operating system. The term cloud computing refers to the offering of such services over the internet. Many companies charge money for their offered cloud services while others don’t. Cyber-forensic investigations have been affected by cloud computing since the beginning of the cloud. Computer Forensics is based on the investigation of crimes or policy breaches that are done through the examination of electronics and computers and other storage devices. This paper seeks to assess the impact of cloud computing and storage on cyber-forensic investigations.
© 2010 Cloud Security Alliance. All rights reserved. You may download, store, display on your computer, view, print, and link to the Cloud Security Alliance “Top Threats to Cloud Computing” at http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf subject to the following: (a) the Guidance may be used solely for your personal, informational, non-commercial use; (b) the Guidance may not be modified or altered in any way; (c) the
Considering both the gains and harms related to the cloud world, the Cloud Security Alliance (CSA) has set some cloud security standards throughout the industry. The report “Treacherous 12 - Top Threats” is an important research artifact done by the CSA. Though there are
One security concern of the cloud is the data-mining-based privacy attack, which involves analyzing data over a long period to extract valuable information about the client without client concern. A privacy violation of the client may be caused by unauthorized access to the cloud through an outsider attack or by the cloud provider. Nowadays there are many techniques with which a user can extract a large amount of data. Cloud providers also use these techniques; for example, Google uses them to learn client behavior and returns results accordingly. Data mining has nowadays become a potential threat in cloud computing. These techniques ease the work of an unauthorized attacker accessing the data, and attackers use data mining techniques to extract the data from the cloud.
Computer services are normally offered physically. Here the user of the computer can have access to the resources that the computer uses. The resources include network, storage and operating system. The term cloud computing refers to the offering of such services over the internet. Many companies offer cloud services and in turn charge for the service that they offer, while others don’t. Cyber-forensic investigations have been affected by cloud computing since the beginning of the cloud. Computer Forensics is based on the investigation of crimes or policy breaches that are done through the examination of electronics and computers and other storage devices. This paper seeks to assess the impact of cloud computing and storage on
One of the main reasons to deliver security and privacy for the data in cloud computing is that it utilizes distributed resources in an unsecured location or environment to allocate its services among people that belong to different organizations [1]. Enlargement in cloud adoption rates will result in increased computing security problems [2]. The greatest terror of cloud clients is that most of the companies are not relaxed or comfortable accumulating their data and applications on systems that exist outside of their own assumed data centers [3]. Increased security of potential unwarranted approach and discovery to customers’ personal information is caused by relocating workloads to a distributed infrastructure. Data security and privacy protection issues are relevant to both hardware and software in the cloud architecture. This study reviews different security challenges and solutions for protecting data in the cloud and also aims at enhancing data security and privacy protection for a trustworthy cloud environment. In this paper, we made a research analysis of an overview of security and privacy levels in secure provisioning and composition, and of the interfaces which have been provided to the user throughout the data storage, recovery and backup techniques which have been developed in the cloud province where the data of the clients can be backed up [4].
Usage of remote servers via the internet to store, manage and process data instead of using a personal computer is known as cloud computing. It’s a set of Information Technology services with the ability to scale up or down their service requirements. Most of the cloud services are provided by a third-party service provider. In cloud computing, organizations can utilize IT services without advance investment. Despite the benefits obtained from cloud computing, organizations are slow in accepting it due to security issues and challenges. Security is one of the major problems which hinder the growth of the cloud. It’s not wise to hand over important data to another company, so clients need to be vigilant in understanding the risks of data infringement in this new environment. This paper discusses a detailed analysis of the cloud computing security issues and challenges. (Ayoleke)
The following covers an overview of cloud computing monitoring systems. In section I, a definition of cloud computing is provided, along with the three models for cloud computing that are in existence today and their essential features. In section II, I look at cloud computing monitoring systems and an overview of their common features. Section III covers some of the third-party tools that may be used in monitoring systems. Section IV gives a few examples of some of the monitoring systems that are being used as well as some insight into their designs and implementation. Lastly, section V covers a brief look at computing in the past and how cloud computing monitoring might be in the coming future.
With the growth of technology and people around the world using the internet more often, the cloud is becoming more popular than ever before. The United States National Institute of Standards and Technology has defined cloud computing as follows: "Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction [1]." There are many uses of the cloud, but the main uses people use the cloud for are to host websites, store documents, and stream TV shows and movies. With all this new flooding of the cloud computing network, the dependability of cloud computing systems has come into question for all cloud service providers, consumers, and brokers around the world. Fig. 1 is just one example of the growth of cloud computing of a single company.
Big data has become enduring as cost-effective approaches have emerged for the five V’s of Big Data. The five V’s are: high Volume, high Velocity, high Variety, Veracity and Value of information. Within this data lie valuable patterns and information previously hidden because of the amount of work required to extract them. In the era of technology, commodity hardware, cloud architectures and open source software bring Big Data processing into the reach of the less well resourced. Big Data processing is eminently feasible even for small garage startups, who can cheaply rent server time in the cloud. The framework to process and analyze stored Big Data is named Hadoop. HDFS in Hadoop is used to store the data and Map Reduce is the tool to process the data. The Hadoop ecosystem (including Pig, Hive, Mahout, and Hadoop), stream mining, complex-event processing, and NoSQL databases are enabling the analysis of large-scale, heterogeneous datasets at unprecedented scales and speeds. These technologies are transforming security analytics by facilitating the storage, maintenance, and analysis of security information. For instance, the WINE platform [1] and Bot-Cloud [2] allow the use of Map Reduce to efficiently process data for security analysis. Earlier Security Information and Event Management (SIEM) [3] tools were not developed