Detection of Information leakage in cloud
This addresses security vulnerabilities in cloud computing for organizations using shared infrastructure, though it appears incremental as it builds on existing methods for covert channel detection.
The paper tackles the problem of detecting covert channels used for information leakage in cloud environments by proposing a framework that extracts features to classify regular from covert traffic and uses SVM for detection. The results show high accuracy and robustness with low cost, even when tested with added noise.
Recent research shows that colluded malware in different VMs sharing a single physical host may use a resource as a channel to leak critical information. Covert channels employ time or storage characteristics to transmit confidential information to attackers leaving no trail.These channels were not meant for communication and hence control mechanisms do not exist. This means these remain undetected by traditional security measures employed in firewalls etc in a network. The comprehensive survey to address the issue highlights that accurate methods for fast detection in cloud are very expensive in terms of storage and processing. The proposed framework builds signature by extracting features which accurately classify the regular from covert traffic in cloud and estimates difference in distribution of data under analysis by means of scores. It then adds context to the signature and finally using machine learning (Support Vector Machines),a model is built and trained for deploying in cloud. The results show that the framework proposed is high in accuracy while being low cost and robust as it is tested after adding noise which is likely to exist in public cloud environments.