Advances, Systems and Applications
Potential Attacks | Storage Issues | Threats | Mitigation Solution with references | Applied Methods |
---|---|---|---|---|
DoS | No prediction format to formulate required time/storage to store/process data into cloud storage, data threat | Vulnerable service takes place instead of original service | Proposed authentication & authorization protocol [45, 46] Proposed signature-based scheme [47] Proposed intrusion detection/prevention scheme [48,49,50] | Kerberos protocol Attribute-Based Proxy Signature Improved Dynamic Immune Algorithm(IDIA) |
Phishing | Lack of storage monitoring, Unaccredited access to physical cloud storage | Data confidentiality disclose | Propose phishing detection technique [51] | a hybrid classifier approach and hyper-parameter classifier tuning |
Brute Force Attack /online dictionary Attack | Unaccredited access to physical cloud storage | Data confidentiality disclose, Violation of Data Authenticity | Propose data obfuscation scheme [52] | Least Significant Bit(LSB) substitution method |
MITC Attack | Improper security against internal and external malicious attacks | Abnormality in service availability | Propose string authentication technique [53] | Chaotic maps and fuzzy extractors |
Port Scanning | Improper security internal and external malicious attack | Abnormality in service availability | firewall policies [54] | Distributed firewalls/Controllers |
Identity Theft | Unaccredited access to physical cloud storage, Untrusty cloud storage, data threat | SLA violation, security policies violation | Password based authentication scheme [55,56,57], privacy beach prevention [58] | key-based semantic secure Bloom filter (KSSBF), compact password-authenticated key exchange protocol (CompactPAKE), OTP,Evolutionary System Model based Privacy Preserving-(EMPPC) |
Risk Spoofing | Incapability of CSP’s monitoring, Untrusty cloud storage, data lock-in | Lack of internal security, logging violation | Monitoring secure data policies [59] | Symmetric Searchable Encryption (SSE) or Attribute-Based Encryption (ABE) |
Data Loss/Leakage | Incapability of CSP, continuous storage monitoring, lack of scalability | Malicious Insider, Malicious Cloud Storage Provider | Data encryption method, Public data auditing technique | |
Shared Technology issue | Unfair resource allocation strategy, no standard data storing format, Shared Technology Issue | VMs are become vulnerable due to loose control of a hypervisor | Virtual Machine Monitoring Scheme [65] | Xen, KVM |