Detecting Security System Misconfiguration Threats in Cloud Computing Environments Using AI
DOI:
https://doi.org/10.54536/ajise.v3i3.3272
Keywords:
Artificial Intelligence (AI), Cloud Computing, Deep Learning, HFACS Methods, Machine Learning Techniques, IRDS4C
Abstract
Organizations are gradually adopting cloud computing solutions, which has raised many questions about the risks of using cloud-based services, especially misconfiguration errors in cloud-based systems. Considering these challenges, the current study aimed to assess the use of AI-based security systems to identify misconfiguration errors in cloud computing platforms. The study focused on the perceived effectiveness of implementing AI security systems for behavioral analysis, and also assessed the implementation of traditional security systems. The study used an exploratory qualitative review approach, analyzing recent studies and literature available in recognized databases, with a particular focus on the prevalence of misconfiguration errors, the importance of early detection, and the use of AI methods. The results showed that cloud misconfiguration is the most significant threat and the main reason for cloud insecurity and breaches. However, the analysis also showed that AI and machine learning techniques have a promising future and could serve as an accurate technique for automating early misconfiguration detection. Furthermore, the research pointed out that planning and deception-based approaches and human factors analysis can also be used to strengthen cloud security against misconfiguration threats. In general, the study postulated that enhancing AI-based security systems is fundamental to optimizing misconfiguration error detection and the security of data in cloud computing.
License
Copyright (c) 2024 Hamza Mahmood Khan, Syed Murtaza Haider Zaidi
This work is licensed under a Creative Commons Attribution 4.0 International License.