Probabilistic analysis of security attacks in cloud environment using hidden Markov models

ORCID Identifiers

0000-0002-3897-0681

Document Type

Article

Source of Publication

Transactions on Emerging Telecommunications Technologies

Publication Date

1-1-2020

Abstract

© 2020 John Wiley & Sons, Ltd. The rapidly growing cloud computing paradigm provides a cost-effective platform for storing, sharing, and delivering data and computation through internet connectivity. However, one of the biggest barriers to massive cloud adoption is the growing range of cybersecurity threats and risks that affect confidence in it and its feasibility. Existing threat models for clouds may not be able to capture complex attacks. For example, an attacker may combine multiple security vulnerabilities into an intelligent, persistent sequence of attack behaviors that continuously acts to compromise the target on clouds. Hence, new models for detection of complex and diversified network attacks are needed. In this article, we introduce an effective threat modeling approach that has the ability to predict and detect the probability of occurrence of various security threats and attacks within the cloud environment using hidden Markov models (HMMs). The HMM is a powerful statistical analysis technique and is used to create a probability matrix based on the sensitivity of the data and possible system components that can be attacked. In addition, the HMM is used to provide supplemental information to discover a trend attack pattern from the implicit (or hidden) raw data. The proposed model is trained to identify anomalous sequences or threats so that accurate and up-to-date information on the risk exposure of cloud-hosted services is properly detected. The proposed model would act as an underlying framework and a guiding tool for cloud systems security experts and administrators to secure processes and services over the cloud. The performance evaluation shows the effectiveness of the proposed approach in finding the attack probability and the number of correctly detected attacks in the presence of multiple attack scenarios.

ISSN

2161-3915

Publisher

Wiley Blackwell

First Page

e3915

Disciplines

Computer Sciences

Scopus ID

85081953547

Indexed in Scopus

yes

Open Access

no
