Outline of the Proposed Topic of Research

Name of the candidateMeera GID Number2013P !P"10 Place of Research #or$ % Or&ani'ation(IT) Pilani* DetailsNameDr. Research
Audit and monitoring methodologies for secure IaaS cloud infrastructures.

+derabad ,ampusProposed )uper-isor +derabad ,ampus1. Proposed Topic of

Geetha$umari/ualificationPh.D.Desi&nation0ssistant

ProfessorOr&ani'ation(IT) Pilani*

2. Ob1ecti-es of the Proposed Research

aProvide secure provenance mechanisms for data items across organizational boundaries within the cloud. bDevise solutions for bridging the semantic gap between VMs and VMMs, considering scalabilit issues for cloud environments. cDevelop evidence correlation techni!ues for addressing distributed nature of attac"s.

2e+3ords Securit , Secure Provenance, Semantic gap, Virtual Machine Introspection, #vidence correlation

3. (ac$&round of the Proposed Research

Introduction $loud computing, is an emerging computing paradigm aiming to share storage, computation, and services transparentl among a massive users, that has recentl gathered great momentum from not onl industr but also academia. According to the %ational Institute of Standards and &echnolog

'%IS&(, $loud computing is a model for enabling ubi!uitous, convenient, on)demand networ" access to a shared pool of configurable computing resources 'e.g., networ"s, servers, storage, applications, and services( that can be rapidl provisioned and released with minimal management effort or service provider interaction. &his cloud model is composed of five essential characteristics, three service models, and four deplo ment models *+,. 4ssential ,haracteristics5 -n)demand self service .road networ" access /esource pooling /apid elasticit Measured Service )er-ice Models5 Software as a Service 'SaaS( 0 &he capabilit provided to the consumer is to use the provider applications running on a cloud infrastructure . 1oogle, Microsoft, Salesforce and other ma2or software giants have launched their own SaaS applications. Platform as a Service 'PaaS( 0 &he capabilit provided to the consumer is to deplo onto the cloud infrastructure consumer)created or ac!uired applications created using programming languages, libraries, services, and tools supported b the provider. A t pical e3ample of PaaS is the Microsoft Azure Platform. Infrastructure as a Service 'IaaS( 0 &he capabilit provided to the consumer is to provision processing, storage, networ"s, and other fundamental computing resources where the consumer is able to deplo and run arbitrar software, which can include operating s stems and applications. At present, Microsoft, Amazon and other providers provide IaaS services based on hardware. &here are also open)source IaaS vendors li"e #ucal ptus and -penStac". Deplo+ment Models5 Private clouds 0 &he cloud infrastructure is provisioned for e3clusive use b a single organization comprising multiple consumers. $ommunit clouds 0 &he cloud infrastructure is provisioned for e3clusive use b a specific communit of consumers from organizations that have shared concerns. Public clouds 0 &he cloud infrastructure is provisioned for open use b the general public. 4 brid clouds 0 &he cloud infrastructure is a composition of two or more distinct cloud infrastructures 'private, communit , or public(. #ssentiall , cloud computing reflects the idea of I& infrastructure as a service, which enables users to access resource on)demand and pa for use. So it was regarded as the third revolution of the information industr , and it will be the main form of the future information societ . 4owever, securit challenges have become a ma2or concern that hinders sustainable development in clouds. &he centralized management of cloud computing center will become the ma2or targets of hac"er attac"s5 coupled with magnitude s stem and unprecedented openness, sharing, and comple3it , so its securit problems are more severe than ever*6,.

,loud )ecurit+ 5 ,hallen&es Securit problems faced b the cloud s stem about in the following five aspects*6,0 7irst, face more securit attac"s0 due to the vast amounts of user data stored in the cloud s stem, for attac"ers there has greater allure. Second, virtualization technolog 0 it not onl brings cloud computing platform fle3ibilit for resource configuration, but also brings new securit challenges. -nce hac"ed, all the virtual machines running on the virtualization platform will be under control of attac"ers. &hird, ensure continuit of the cloud platform services and high availabilit of user data and business0 Amazon data center downtime event, 1oogle8s 1mail failing to use event and so on are associated with cloud computing availabilit . $loud computing service need to provide a fault tolerant mechanism to bac"up user data to reduce the impact in application if the original data is destro ed. 7ourth, ensure the safet and privac of user data0 user data is stored in the cloud s stem and hence the primar purpose is to provide user privac . In this case, laws, regulations and processes are the problems that are the most urgent to be solved, and relevant laws and regulations should be established and improved to protect third)part securit . 7ifth, perfect the cloud standards0 Man manufacturers have defined their own application standards and data formats, forcing the user deplo ing I& s stem and their own business in accordance with the framewor" set b different service provider. 9ltimatel , all of this leads to business fragmented and chaotic s stem which are adverse to users8 application. Interoperabilit between varieties of cloud services is essential to ensure the cloud not to fall into isolated development situation and then promote common progress. 4ence establishing cloud standards is crucial to the future evolution of cloud computing. &he $loud Securit Alliance'$SA( identifies issues that are either uni!ue to or greatl amplified b the "e characteristics of $loud $omputing and its shared, on)demand nature such as *:, 0 Abuse and %efarious 9se of $loud $omputing Insecure Application Programming Interfaces Malicious Insiders Shared &echnolog Vulnerabilities Data ;oss<;ea"age Account, Service = &raffic 4i2ac"ing 9n"nown ris" profile

In addition, cloud s stems also have to address issues regarding multi)tenanc , loss of control, data recover , compliance implications, audit and so on *>,. As an other s stem, cloud infrastructures also have to follow the $onfidentialit , Integrit and Availabilit '$IA( model for providing information securit . Also, for intelligentl controlling access to cloud resources, enforcing policies, auditing usage, and providing the information necessar to bill for services, the Authentication, authorization, and accounting 'AAA( framewor" is necessar . &hese combined processes are considered important for effective management and securit . 4owever, cloud infrastructures demand much above the traditional securit solutions, which do not map well to the virtualized environments, because of the comple3 and d namic nature of the cloud

computing. It is implicit that new virtualization)aware securit solutions should be implemented to ensure the preemptive securit to the overall s stem. &he cloud securit solutions should have the intelligence to be self)defending and have the abilit to provide real)time monitoring, detection and prevention of "nown and un"nown threats. 0ttac$s on the cloud &he following are the ma2or t pe of attac"s launched on clouds*?, 0 +. Denial of service 'DoS( attac" According to the 9nited States $omputer #mergenc /eadiness &eam '9S)$#/&( DoS attac" is a t pe of attac" where an attac"er attempts to prevent legitimate users from accessing networ" or computer resources. Distributed Denial of Services 'DDoS( means, the attac"er is using multiple computers to launch the denial)of)service attac". 6. $ross VM side channel '$VMS$( attac" &his "ind of attac" can be used to collect information from a target VM where an attac"er can reside on a different VM on the same ph sical hardware. >. Malicious insiders 'MI( attac" &his is one of the most widel discussed and most difficult to detect attac" t pes in an networ", where an attac"er is an insider and therefore bestowed with trust and access. :. Attac"s targeting shared memor 'A&SM( In this t pe of attac", an attac"er ta"es the advantage of shared memor 'ph sical and cache memor ( of a ph sical<virtual machine. &his is an initial level of attac" in cloud computing and can lead up to several other t pes of attac"s. ?. Phishing attac" 'PA( Phishing is an attempt b an individual or group to solicit personal information from unsuspecting users b emplo ing social engineering techni!ues. &his "ind of attac" is mainl done b sending lin"s of a website in emails or instant messengers. In cloud computing, phishing attac"s can be classified into two threat categories. 7irst, as an abusive behavior where an attac"er can use the cloud service to host a phishing attac" site. Second, phishing attac"s can also be performed to hi2ac" account and services of cloud computing. Malware in2ection attac"s, authentication attac"s, man)in)the)middle cr ptographic attac"s and so on are other possible attac"s on the cloud *@,. 4ence in our wor" we will be anal sing the private IaaS cloud infrastructures proactivel for addressing some of the securit challenges mentioned above and will provide solutions to address these challenges.

". 6iterature Re-ie3

7. Gaps in 48istin& Research

9. Methodolo&+

:. #or$ Plan
Ae have organized the proposed research wor" that comprises of three sub problems into a research plan with five phases. &he stage)wise and the month)wise wor" plan and intermediate outcomes for the design and development of the proposed solution are shown below. Ae intend to implement the solution within a time frame of >@ months.

7igure @. Aor" Plan for the proposed solution Phase I5 6iterature Re-ie35 &his phase would involve an in depth literature surve of the topic. &he stud of the e3isting literature would span for about si3 to eight months. Phase II5 &his phase would span for about eight months to complete.

Phase III5 &he entire phase would ta"e about eight months for completion.

Phase I;5 &his phase would span for about eight months.

Phase ;5 ,onclusion and Thesis #ritin&5 &he results thus obtained throughout our research will be compiled into a thesis with supportive data and implementation details. Ae will be investing a period of si3 months to carr out the same.

&he methodolog outlined above is given in the form of a table below.

<. References
+P. Mell and &. 1rance, he %IS& Definition of $loud $omputing,9S %at Inst. of Science and &echnolog , 6B++5 http0<<csrc.nist.gov<publications<nistpubs<CBB)+:?<SPCBB)+:?.pdf 6Dandong, Ehang, and Ehang Dongsheng. F$loud computing and cloud securit challenges.F Information Technology in Medicine and Education (ITME), 2012 International Symposium on . Vol. 6. I###, 6B+2. >A. .ehl, F#merging securit challenges in cloud computing0 An insight to cloud securit challenges and their mitigation, F in Information and $ommunication &echnologies 'AI$&(, 6B++ Aorld $ongress on, dec. 6B++, pp. 6+G)662. :$loud Securit Alliance, F&op threats to cloud computing v+.B, F https0<<cloudsecurit alliance.org<topthreats<csathreats.v+.B.pdf, 6B+B. ?Md. &anzim Hhorshed, A...M. Shaw"at Ali, and Saleh A. Aasimi. 6B+6. A surve on gaps, threat remediation challenges and some thoughts for proactive attac" detection in cloud computing.7uture 1ener. $omput. S st. 6C, @ 'Iune 6B+6(, C>>)C?+. @Singh, A2e , and Maneesh Shrivastava. F-verview of Attac"s on $loud $omputing.F International Journal of Engineering and Inno ati e Technology (IJEIT) +.: '6B+6(.