International Journal of Computer Science & Network Security

국제컴퓨터통신보호논문지학회 (International Journal of Computer Science & Network Security)
권호 표지
DOI QR코드

DOI QR Code

Building On/off Attacks Detector for Effective Trust Evaluation in Cloud Services Environment

  • SALAH T. ALSHAMMARI (Department of Computer Science College of Computing and Information Technology King Abdul-Aziz University Jeddah) ;
  • AIIAD ALBESHRI (Department of Computer Science College of Computing and Information Technology King Abdul-Aziz University Jeddah) ;
  • KHALID ALSUBHI (Department of Computer Science College of Computing and Information Technology King Abdul-Aziz University Jeddah)
  • 투고 : 2024.07.05
  • 발행 : 2024.07.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Cloud computing is a widely used technology that has changed the way people and organizations store and access information. This technology is quite versatile, which is why extensive amounts of data can be stored in the cloud. Furthermore, businesses can access various services over the cloud without having to install applications. However, the cloud computing services are provided over a public domain, which means that both trusted and non-trusted users can access the services. Though there are several advantages of cloud computing services, especially to business owners, various challenges are also posed in terms of the privacy and security of information and online services. A kind of threat that is widely faced in the cloud environment is the on/off attack. In this kind of attack, a few entities exhibit proper behavior for a given time period to develop a highly a positive reputation and gather trust, after which they exhibit deception. A viable solution is provided by the given trust model for preventing the attacks. This method works by providing effective security to the cloud services by identifying malicious and inappropriate behaviors through the application of trust algorithms that can identify on-off attacks.

키워드

참고문헌

  1. Talal H. Noor, Quan Z. Sheng, and Abdullah Alfazi, "Reputation Attacks Detection for Effective Trust Assessment Among Cloud Services," in 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2013, pp. 469-476.
  2. Eric Chang, "General Attacks and Approaches in Cloud-Scale Networks," in IEEE International Conference on Computer Communications, 2019.
  3. Swati Mahajan, Sarika Mahajan, Shubhangi Jadhav, and Sangita Kolate, "Trust Management in E-commerce Websites," in International Research Journal of Engineering and Technology (IRJET), 2017, pp. 2934-2936.
  4. T. H. Noor, Q. Z. Sheng, L. Yao, S. Dustdar, and A. H.H. Ngu, "CloudArmor: Supporting Reputation-Based Trust Management for Cloud Services," IEEE Transactions on Parallel and Distributed Systems, vol. 27, no. 2, pp. 367-380, 2015.
  5. P. Varalakshmi, T. Judgi, and D. Balaji, "Trust Management Model Based on Malicious Filtered Feedback in Cloud. In International Conference on Data Science Analytics and Applications," in International Conference on Data Science Analytics and Applications, 2018, pp. 178-187.
  6. X. Li, and J. Du, "Adaptive and Attribute-based Trust Model for Service Level Agreement Guarantee in Cloud Computing," IET Information Security, vol. 7, no. 1, pp. 39-50, 2013.
  7. Huang Lanying, XiongZenggang, Wangguangwei, "A Trust-role Access Control Model Facing Cloud Computing," Proceedings of the 35th Chinese Control Conference , July 27-29, 2016.
  8. G. Lin, D. Wang, Y. Bie, and M. Lei, "MTBAC: A Mutual Trust Based Access Control Model in Cloud Computing," China Communications, vol. 11, no. 4, pp. 154-162, 2014.
  9. C. Zhu, H. Nicanfar, V. C. M. Leung, and L. T. Yang, "An Authenticated Trust and Reputation Calculation and Management System for Cloud and Sensor Networks Integration," IEEE Transactions on Information Forensics and Security, vol. 10, no. 1, pp. 118-131, 2014.
  10. C. Uikey, and D. S. Bhilare, "TrustRBAC: Trust Role Based Access Control Model in Multi-domain Cloud Environments," in International Conference on Information, Communication, Instrumentation and Control (ICICIC), 2017, p. 978-1-5090-6314-7.
  11. P. Zhang, Y. Kong, and M. Zhou, "A Domain Partition-Based Trust Model for Unreliable Clouds," IEEE Transactions on Information Forensics and Security, vol. 13, no. 9, pp. 2167-2178, Sept. 2018.
  12. Zhanjiang Tan, Zhuo Tang, Renfa Li, Ahmed Sallam, and Liu Yang, "Research of Workflow Access Control Strategy based on Trust," in 11th Web Information System and Application Conference, Sept. 2014.
  13. X. Li, H. Ma, F. Zhou, and W. Yao, "T-Broker: A Trust-Aware Service Brokering Scheme for Multiple Cloud Collaborative Services," IEEE Transactions on Information Forensics and Security, vol. 10, no. 7, pp. 1402-1415, 2015.
  14. Mali Varsha, Prof. Pramod Patil, "A Survey on Authentication and Access Control for Cloud Computing using RBDAC Mechanism," International Journal of Innovative Research in Computer and Communication Engineering , 2015, 12125-12129.
  15. X. Li, H. Ma, F. Zhou, and X. Gui, "Service Operator-Aware Trust Scheme for Resource Matchmaking across Multiple Clouds," IEEE Transactions on Parallel and Distributed Systems, vol. 26, no. 5, pp. 1419-1429, May. 2014.
  16. T. Bhattasali, R. Chaki, N. Chaki, and K. Saeed, "An Adaptation of Context and Trust Aware Workflow Oriented Access Control for Remote Healthcare," International Journal of Software Engineering and Knowledge Engineering, vol. 28, no. 6, pp. 781-810, 2018.
  17. 3Talal H. Noor, Quan Z. Sheng, and Abdullah Alfazi, "Detecting occasional reputation attacks on cloud services," in International Conference on Web Engineering, 2013, pp. 416-423.
  18. 4Nabila Labraoui, Mourad Gueroui, and Larbi Sekhri, "On-off attacks mitigation against trust systems in wireless sensor networks," in IFIP International Conference on Computer Science and its Applications, 2015, pp. 406-415.
  19. 5Talal H. Noor, Quan Z. Sheng, and Athman Bouguettaya, Trust management in cloud services, Springer, Cham, 2014.
  20. 6Tong Wei-ming, Liang Jian-quan, LU Lei, and JIN Xian-ji, "Intrusion detection scheme based node trust value in WSNs," in Systems Engineering and Electronics, 2015, pp. 1644-1649.
  21. 7Mahdi Ghafoorian, DariushAbbasinezhad-Mood, and Hassan Shakeri, "A Thorough Trust and Reputation Based RBAC Model for Secure Data Storage in the Cloud," IEEE Transactions on Parallel and Distributed Systems, Vol: 30, Issue: 4, Apr. 2019.
  22. 8Francis N. Nwebonyi, Rolando Martins, and Manuel E. Correia, "Reputation based approach for improved fairness and robustness in P2P protocols," in Peer-to-Peer Networking and Applications, 2019, pp. 951-968.
  23. Wenyang Deng, and Zhouyi Zhou, "A Flexible RBAC Model Based on Trust in Open System," in Third Global Congress on Intelligent Systems, 2012.
  24. Huang Lanying, XiongZenggang, and Wangguangwei, "A Trust-role Access Control Model Facing Cloud Computing," in Proceedings of the 35th Chinese Control Conference, 2016.
  25. Lan Zhou, Vijay Varadharajan, and Michael Hitchens, "Integrating Trust with Cryptographic Role-based Access Control for Secure Cloud Data Storage," in 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2013.
  26. Wei Chang, Feng Xu, and Jianping Dou, "A Trust and Unauthorized Operation Based RBAC (TUORBAC) Model," in International Conference on Control Engineering and Communication Technology, 2012.
  27. D. Marudhadevi, V.Neelaya Dhatchayani, and V.S. Shankar Sriram, "A Trust Evaluation Model for Cloud Computing Using Service Level Agreement," The Computer Journal, Vol.58, pp.2225-2232, Nov. 2014.
  28. W.T.Tsai, Peide Zhong, Xiaoying Bai, and Jay Elston, "Role-Based Trust Model for Community of Interest," in IEEE International Conference on Service-Oriented Computing and Applications (SOCA), 2009.
  29. Fan Yue-qin, and Zhang Yong-sheng, "Trusted Access Control Model Based on Role and Task in Cloud Computing," in 7th International Conference on Information Technology in Medicine and Education, 2012.
  30. Bhatt, Smriti, Ravi Sandhu, and Farhan Patwa, "An Access Control Framework for Cloud-Enabled Wearable Internet of Things," in IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), pp. 213-233, Oct. 2017.