A study of threat detection systems and techniques in the cloud

Pamela Carvallo; Ana R. Cavalli; Natalia Kushik

doi:10.1007/978-3-319-76687-4_10

A study of threat detection systems and techniques in the cloud

Pamela Carvallo
, Ana R. Cavalli
, Natalia Kushik

Université Paris-Saclay
Montimage

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

Résumé

This paper presents a study of existing threat detection techniques in cloud computing, together with an experimental evaluation of a subset of them. We consider the threats defined in the Cloud Security Alliance (CSA) report as well as the techniques for their detection, starting from classical signature-based approaches and finishing with recent machine learning based techniques. This paper also contains an analysis of original results presented in international conferences, published as journal papers, Internet resources, and standards. The main contributions of the study include: 1. providing a closer relationship between top threats in cloud computing and known detection techniques; 2. evaluating existing detection techniques concerning cloud computing principles and security challenges nowadays; and 3. reviewing commonly utilized datasets and their association with threats in the last five years. As existing detection techniques tend to target specific threats (or their groups), we also present the experimental evaluation of the applicability of known detection approaches against non-targeted threat groups.

langue originale	Anglais
titre	Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers
rédacteurs en chef	Nora Cuppens, Frederic Cuppens, Axel Legay, Jean-Louis Lanet, Joaquin Garcia-Alfaro
Editeur	Springer Verlag
Pages	140-155
Nombre de pages	16
ISBN (imprimé)	9783319766867
Les DOIs	https://doi.org/10.1007/978-3-319-76687-4_10
état	Publié - 1 janv. 2018
Modification externe	Oui
Evénement	12th International Conference on Risks and Security of Internet and Systems, CRiSIS 2017 - Dinard, France Durée: 19 sept. 2017 → 21 sept. 2017

Série de publications

Nom	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10694 LNCS
ISSN (imprimé)	0302-9743
ISSN (Electronique)	1611-3349

Une conférence

Une conférence	12th International Conference on Risks and Security of Internet and Systems, CRiSIS 2017
Pays/Territoire	France
La ville	Dinard
période	19/09/17 → 21/09/17

Accès au document

10.1007/978-3-319-76687-4_10

Autres fichiers et liens

Lien vers la publication dans Scopus

Contient cette citation

Carvallo, P., Cavalli, A. R., & Kushik, N. (2018). A study of threat detection systems and techniques in the cloud. Dans N. Cuppens, F. Cuppens, A. Legay, J.-L. Lanet, & J. Garcia-Alfaro (eds.), Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers (p. 140-155). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol 10694 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-76687-4_10

Carvallo, Pamela ; Cavalli, Ana R. ; Kushik, Natalia. / A study of threat detection systems and techniques in the cloud. Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers. Editeur / Nora Cuppens ; Frederic Cuppens ; Axel Legay ; Jean-Louis Lanet ; Joaquin Garcia-Alfaro. Springer Verlag, 2018. p. 140-155 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{035c90d7da1348d097f3e87f2ed57c8d,

title = "A study of threat detection systems and techniques in the cloud",

abstract = "This paper presents a study of existing threat detection techniques in cloud computing, together with an experimental evaluation of a subset of them. We consider the threats defined in the Cloud Security Alliance (CSA) report as well as the techniques for their detection, starting from classical signature-based approaches and finishing with recent machine learning based techniques. This paper also contains an analysis of original results presented in international conferences, published as journal papers, Internet resources, and standards. The main contributions of the study include: 1. providing a closer relationship between top threats in cloud computing and known detection techniques; 2. evaluating existing detection techniques concerning cloud computing principles and security challenges nowadays; and 3. reviewing commonly utilized datasets and their association with threats in the last five years. As existing detection techniques tend to target specific threats (or their groups), we also present the experimental evaluation of the applicability of known detection approaches against non-targeted threat groups.",

keywords = "Cloud computing, Cloud-related threats, Detection systems, Security",

author = "Pamela Carvallo and Cavalli, \{Ana R.\} and Natalia Kushik",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG, part of Springer Nature 2018.; 12th International Conference on Risks and Security of Internet and Systems, CRiSIS 2017 ; Conference date: 19-09-2017 Through 21-09-2017",

year = "2018",

month = jan,

day = "1",

doi = "10.1007/978-3-319-76687-4\_10",

language = "English",

isbn = "9783319766867",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "140--155",

editor = "Nora Cuppens and Frederic Cuppens and Axel Legay and Jean-Louis Lanet and Joaquin Garcia-Alfaro",

booktitle = "Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers",

}

Carvallo, P, Cavalli, AR & Kushik, N 2018, A study of threat detection systems and techniques in the cloud. Dans N Cuppens, F Cuppens, A Legay, J-L Lanet & J Garcia-Alfaro (eds), Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), VOL. 10694 LNCS, Springer Verlag, p. 140-155, 12th International Conference on Risks and Security of Internet and Systems, CRiSIS 2017, Dinard, France, 19/09/17. https://doi.org/10.1007/978-3-319-76687-4_10

A study of threat detection systems and techniques in the cloud. / Carvallo, Pamela; Cavalli, Ana R.; Kushik, Natalia.
Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers. Ed. / Nora Cuppens; Frederic Cuppens; Axel Legay; Jean-Louis Lanet; Joaquin Garcia-Alfaro. Springer Verlag, 2018. p. 140-155 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol 10694 LNCS).

Résultats de recherche: Le chapitre dans un livre, un rapport, une anthologie ou une collection › Contribution à une conférence › Revue par des pairs

TY - GEN

T1 - A study of threat detection systems and techniques in the cloud

AU - Carvallo, Pamela

AU - Cavalli, Ana R.

AU - Kushik, Natalia

N1 - Publisher Copyright: © Springer International Publishing AG, part of Springer Nature 2018.

PY - 2018/1/1

Y1 - 2018/1/1

N2 - This paper presents a study of existing threat detection techniques in cloud computing, together with an experimental evaluation of a subset of them. We consider the threats defined in the Cloud Security Alliance (CSA) report as well as the techniques for their detection, starting from classical signature-based approaches and finishing with recent machine learning based techniques. This paper also contains an analysis of original results presented in international conferences, published as journal papers, Internet resources, and standards. The main contributions of the study include: 1. providing a closer relationship between top threats in cloud computing and known detection techniques; 2. evaluating existing detection techniques concerning cloud computing principles and security challenges nowadays; and 3. reviewing commonly utilized datasets and their association with threats in the last five years. As existing detection techniques tend to target specific threats (or their groups), we also present the experimental evaluation of the applicability of known detection approaches against non-targeted threat groups.

AB - This paper presents a study of existing threat detection techniques in cloud computing, together with an experimental evaluation of a subset of them. We consider the threats defined in the Cloud Security Alliance (CSA) report as well as the techniques for their detection, starting from classical signature-based approaches and finishing with recent machine learning based techniques. This paper also contains an analysis of original results presented in international conferences, published as journal papers, Internet resources, and standards. The main contributions of the study include: 1. providing a closer relationship between top threats in cloud computing and known detection techniques; 2. evaluating existing detection techniques concerning cloud computing principles and security challenges nowadays; and 3. reviewing commonly utilized datasets and their association with threats in the last five years. As existing detection techniques tend to target specific threats (or their groups), we also present the experimental evaluation of the applicability of known detection approaches against non-targeted threat groups.

KW - Cloud computing

KW - Cloud-related threats

KW - Detection systems

KW - Security

UR - https://www.scopus.com/pages/publications/85043989152

U2 - 10.1007/978-3-319-76687-4_10

DO - 10.1007/978-3-319-76687-4_10

M3 - Conference contribution

AN - SCOPUS:85043989152

SN - 9783319766867

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 140

EP - 155

BT - Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers

A2 - Cuppens, Nora

A2 - Cuppens, Frederic

A2 - Legay, Axel

A2 - Lanet, Jean-Louis

A2 - Garcia-Alfaro, Joaquin

PB - Springer Verlag

T2 - 12th International Conference on Risks and Security of Internet and Systems, CRiSIS 2017

Y2 - 19 September 2017 through 21 September 2017

ER -

Carvallo P, Cavalli AR, Kushik N. A study of threat detection systems and techniques in the cloud. Dans Cuppens N, Cuppens F, Legay A, Lanet JL, Garcia-Alfaro J, rédacteurs en chef, Risks and Security of Internet and Systems - 12th International Conference, CRiSIS 2017, Revised Selected Papers. Springer Verlag. 2018. p. 140-155. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-76687-4_10

A study of threat detection systems and techniques in the cloud

Résumé

Série de publications

Une conférence

Accès au document

Autres fichiers et liens

Empreinte digitale

Contient cette citation