Visible to the public Multi-Level Proactive Security Auditing for Clouds

TitleMulti-Level Proactive Security Auditing for Clouds
Publication TypeConference Paper
Year of Publication2019
AuthorsMajumdar, Suryadipta, Tabiban, Azadeh, Mohammady, Meisam, Oqaily, Alaa, Jarraya, Yosr, Pourzandi, Makan, Wang, Lingyu, Debbabi, Mourad
Conference Name2019 IEEE Conference on Dependable and Secure Computing (DSC)
Keywordscloud computing, Cloud Security, cloud tenant protection, data protection, formal verification, Human Behavior, Multi-Level Security, multilevel proactive security auditing system, proactive auditing, pubcrawl, Resiliency, runtime cloud security auditing, Scalability, security auditing, Security Audits, security of data, security policy verification
AbstractRuntime cloud security auditing plays a vital role in mitigating security concerns in a cloud. However, there currently does not exist a comprehensive solution that can protect a cloud tenant against the threats rendered from the multiple levels (e.g., user, virtual, and physical) of the cloud design. Furthermore, most of the existing solutions suffer from slow response time and require significant manual efforts. Therefore, a simple integration of the existing solutions for different levels is not a practical solution. In this paper, we propose a multilevel proactive security auditing system, which overcomes all the above-mentioned limitations. To this end, our main idea is to automatically build a predictive model based on the dependency relationships between cloud events, proactively verify the security policies related to different levels of a cloud by leveraging this model, and finally enforce those policies on the cloud based on the verification results. Our experiments using both synthetic and real data show the practicality and effectiveness of this solution (e.g., responding in a few milliseconds to verify each level of the cloud).
Citation Keymajumdar_multi-level_2019