New Age Cyber Threat Mitigation for Cloud Computing Networks

What if someone stopped you from accessing your files or using your computer? What if they demanded an amount to get access back to you? Most financial and social interactions revolve around three critical aspects – firstly, the use of digital data and files; secondly, computer systems; and last, the insecure internet. This is where Ransomware using Bitcoin has become a major cause of concern in the form of a new-age digital extortion threat to home and corporate users. This chapter discusses Ransomware and the methods adopted by cybercriminals for holding ransom innocent users' digital data and systems and proposes a malware detection system. Crypto and Locker ransomware is reviewed for their propagation, attack techniques, and new emerging threat vectors, such as file Encryption Ransomware, Screen Lock Ransomware, Windows & Browser Lock, Pop Advertisements, and URL Redirection. The author proposed a Cloud-based malware detection system, performing comparison evaluation with and without the proposed anti-malware solution in the form of sandboxes, so even if the environment got compromised, it could be easily decommissioned and rebuilt from a fresh, clean virtual snapshot. Malware Behavioral environments were set up for analyzing malware before and after receiving malware payload files and logs from infected user devices. Malware Code Analysis gathered assembly code and memory dumps from memory and performed analysis on malware payload instructions. Reporting environment analyzed Web URLs proactively for malicious sites hosting malware code or payloads and checked the user system and devices for before and after analysis logs. 

The information security policy development lifecycle tends to lack focus on the use of standard terms and semantics. This results in blurred outlines for monitoring, evaluation, and enforcement of the security policy for the employees confusing adhering to and implementing it, which leads to a lack of a process of publishing from the security policy, end-user awareness, translation of high-level policy to lowest level component configuration plans and actions to take in time of crisis. This leads to the critical need to design an empirically tested, comprehensive security policy. This chapter proposes bridging the gap between the high-level information security policy descriptions and low-level network infrastructure security implementation. With new and innovative technologies, such as Cloud, Remote Computing, Enterprise Mobility, and e-commerce on the rise, network security has remained an ever-increasing challenge. This chapter presents a security framework to bridge the gap between highlevel specification requirements and the low-level implementation phase for network infrastructure security using the network architecture model with the security policies associated with the network components required to be enforced. An architectural model and a set of design-level security policies are considered to achieve the framework design. Also discussed are the advantages and desired characteristics of the model, relating to existing processes worked in the design area, and future research directions are pointed.

With growing awareness and concerns regarding Cloud Computing and Information Security, there is growing awareness and usage of Security Algorithms in data systems and processes. This chapter presents a brief overview and comparison of Cryptographic algorithms, with an emphasis on Symmetric algorithms should be used for Cloud-based applications and services that require data and link encryption. In this chapter, we review Symmetric and Asymmetric algorithms with an emphasis on Symmetric Algorithms for security consideration on which one should be used for Cloud-based applications and services that require data and link encryption.

The internet has become the key driver for virtually every organization’s growth, brand awareness, and operational efficiency. Unfortunately, cyber terrorists and organized criminals know this fact too. Using a Distributed Denial of Service attack, they can deny corporates and end-users internet access, make the website go slow, and deny access to corporate networks and data, making them unable to service legitimate users. It is not just these that are vulnerable; DDoS attacks are diversions. Due to the increased attack volume, collateral damage is becoming a major cause of concern – packet loss, delays, and high latency for internet traffic of those whose network traffic traverses the WAN saturated by a DDOS attack. DDOS attacks disrupt services and distract security resources, while other attacks, like fraudulent transactions, are attempted. Adaptive DDOS attacks are prevalent – attackers attack traffic on the fly to avoid identification and confuse mitigation plans. Reflective and Amplification attacks are most common – leveraging misconfigured DNS, NTP, and other network resources by spoofing source IP addresses. The bitter reality is that for cloud computing to be useful, it has to be exposed to insecure WANs and the public internet. With Cloud services presence being advertised and the interfaces defined, unauthorized attacks would always look to target the services.

With the rise of cyber-attacks on cloud systems globally, Cloud Service Providers, Data carriers, and hosting providers are forced to consider the novel challenges posed and requirements for attacks and, more specifically, DDoS protection in large hosting environment setups. This chapter proposes using a multi-tiered network design based on a Hybrid cloud solution comprising an On-premise solution and a public cloud infrastructure capable of handling hurricane-sized DDoS storms. 

With more and more organizations working on the cloud over unsecured internet, sharing files and emails and saving them on cloud storage is imperative. Securing the end-user sensitive data in transit has thus started to get maximum priority to protect it from Cloud company staff, hackers, and data thieves. In this study, an attempt is made to review the research on end-user data security. There is an urgent need for solutions for end-users data protection privacy during the times when migrating from one cloud service provider to another. This chapter reviews the challenges in Cloud computing services regarding end-user data, analyzes the issues face, and presents solutions to overcome them. The chapter identifies end-users data security issues when using cloud computing services. The focus is directed to critical issues related to unauthorized access to integrity during data in transit. This can be addressed using Public Key Cryptography or PKI. For Confidentiality and Data Integrity for end-user data over Cloud. Then for migrating from one cloud service provider to another, data security and privacy are addressed by Cloud-aware applications. Lastly, using Multi-Factor Authentication combined with network and application detection systems, Intrusion Detection Systems, and Network traffic routing in case of cyber-attacks can help achieve denial of service attack mitigation or prevent man-in-the-middle and network snooping in Cloud Computing.

Cloud computing has started to gain acceptance for adoption and implementation among organizations, however, this new technology area has already started to deal with security, performance, and availability challenges. Within Cloud Security issues being paramount for corporates, and private enterprises, the denial of service attacks are rated as the highest priority threat to the cloud environments. This chapter presents a review of the academic literature research work on the DDoS attack on the Cloud, introduces a new DDoS Classification taxonomy, and proposes parameters for determining an effective DDoS solution.

Cloud Computing has emerged as the prime IT computing model for ondemand access using a pool of shared resources with the least IT support. Cloud computing is starting to replace the legacy office IT infrastructure and helpdesk support system. Corporate and home users alike are hugely turning into cloud service consumers and moving their data and work to the cloud. Therefore, the Cloud Service Agreement (CSA) between cloud service consumers and cloud service providers has a critical significance that can guarantee the highest level of service quality and delivery. The current CSA parameters and CSA terms tend to fall short of the service delivery commitments with no common terminology or standard followed industry-wide by the cloud service providers. Comparing similar service offerings and agreements from multiple cloud service providers continues to be a complex issue. This chapter provides a pragmatic approach to Cloud Service Agreements, comparing the current process with the proposed parameters and the new framework for CSA to determine the role of various elements and terms in the decision-making process for cloud service agreements for SaaS, PaaS, IaaS, and STaaS. 

With the rise in cyber-attacks on cloud environments like Brute Force, Malware, or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task. Starting from the need to safeguard the client data, data center security, and ensuring cloud service availability, the team needs to ensure the highest priority to service delivery performance and functionality being offered to the service consumers. Organizations design data center and service delivery to cater to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at the internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this chapter, traditional data center design is compared to the proposed three-tier data center architecture design. The author performed DDoS attacks on both architectures to determine the resilience to withstand DDoS attacks by measuring the Real User Monitoring parameters and then validated the data using the Parametric T-Test. 

To stay connected and interact with global peers, friends, co-workers, and corporate employees, use email communication technology to perform business with customers and communicate with each other globally. Emails are the best and simplest way of cyber communication. Email is often the first thing we do when entering the office as well as the last thing we do when going to bed. With Cloud-based services providing email servers and infrastructure hosted over the Internet, Security assumes a significantly high level of priority in today’s cyber world. This chapter reviews the academic literature published on security challenges faced by Email Infrastructure over Cloud, discusses the limitations of Email protocols, and compares using cloud-based email infrastructures and on-premises email servers.

With mission-critical web applications and resources being hosted on cloud environments, and cloud services growing fast, the need for having a greater level of service assurance regarding fault tolerance for availability and reliability has increased. The high priority now is ensuring a fault-tolerant environment that can keep the systems up and running. To minimize the impact of downtime or accessibility failure due to systems, network devices, or hardware, the expectations are that such failures must be anticipated and handled proactively, quickly and intelligently. This chapter discusses the fault tolerance system for cloud computing environments and analyzes whether this is effective for Cloud environments.