Ph.D XXXVII

Supervisor: Gian Luca Foresti

Phone: +39 0432 558423

Room: L2c-05-BC (Lab Avires)

Mail: madni.hussainahmad@spes.uniud.it

Research Project

Trust in Cloud Computing

Now a days, data integrity and protection in cloud computing is becoming the more critical paradigm because of popularity of the cloud computing services. Privacy and security of the data are the main characteristics to build the trust of users. These characteristics can be assured with such a model that can protect and isolate the data from hacks and attacks possible in cloud computing.

Cloud computing is resource sharing platform providing Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Data as a Service (DaaS). Among all these services, SaaS and DaaS are mostly related to each other and sensitive with respect to security and reliability for users. Data security challenges for cloud computing include storage, data center operation, integrity, access, confidentiality, breaches, segregation. Possible vulnerabilities include lack of expertise, lack of customer checks, migration of applications to the cloud, visibility into resources in cloud, integration with IT environment, regulatory compliance, and lack of security knowledge.

Some existing security methods include digital signatures, certificates (IPSec, SSL, TLS, HTTPS), password authentication, ABS (Attribute Based Signature), SAML (Security Assertion Markup Language), OAuth (Open Authorization), Multi-factor authentication, role-based accounts, antimalware applications, security policies, security logs, Implementation of IDS (Intrusion Detection System)/IPS (Intrusion Prevention System) and DDoS protector. In the existing methods, IDS and IPS systems are the most effective methods for the security and protection of cloud computing. In our current work, we proposed the IDS model using deep learning to detect and classify network attacks in cloud computing, but additional state-of-the art IPS systems are required for the safety of data and cloud resources.

In our future work, we explore the deep learning-based IDS and IPS systems to protect the integrity and privacy of the data in cloud. The most critical part of the cloud is data, which is sensitive for cloud users, but the data is linked directly or indirectly with all services of the cloud including IaaS, SaaS, and PaaS. Thus, a complete solution to protect the fundamental resources in the cloud is required. Thus, IDS and IPS are the most important and effective systems to protect the cloud services by constraining the users with different authentication and authorization schemes. In our proposed model, deep learning model is implemented on augmented data to be safe from the issues of data scarcity, class imbalance, and model overfitting. Moreover, transfer learning is implemented to make the model adaptive for similar but novel attacks which contain the similar traits in the network. Deep learning model along with data augmentation and transfer learning produces a well-formed trained model that detects, classifies, and prevents from attacks in the cloud. Moreover, we also work on the efficient (i.e., less memory footprints and storage, inference time, etc.) deep learning-based model for IDS and IPS.