Characterization and Risk Assessment of Cyber Security Threats in Cloud Computing: A Comparative Evaluation of Mitigation Techniques
Journal Title: Acadlore Transactions on AI and Machine Learning - Year 2024, Vol 3, Issue 2
Abstract
Advancements in information technology have significantly enhanced productivity and efficiency through the adoption of cloud computing, yet this adoption has also introduced a spectrum of security threats. Effective cybersecurity mitigation strategies are imperative to minimize the impact on cloud infrastructure and ensure reliability. This study seeks to categorize and assess the risk levels of cybersecurity threats in cloud computing environments, providing a comprehensive characterization based on eleven major causes, including natural disasters, loss of encryption keys, unauthorized login access, and others. Using fuzzy set theory to analyze uncertainties and model threats, threats were identified, prioritized, and categorized according to their impact on cloud infrastructure. A high level of data loss was revealed in five key features, such as encryption key compromise and unauthorized login access, while a lower impact was observed in unknown cloud storage and exposure to sensitive data. Seven threat features, including encryption key loss and operating system failure, were found to significantly contribute to data breaches. In contrast, others like virtual machine sharing and impersonation, exhibited lower risk levels. A comparative analysis of threat mitigation techniques determined Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege (STRIDE) as the most effective methodology with a score of 59, followed by Quality Threat Modeling Methodology (QTMM) (57), Common Vulnerability Scoring System (CVSS) (51), Process for Attack Simulation and Threat Analysis (PASTA) (50), and Persona non-Grata (PnG) (47). Attack Tree and Hierarchical Threat Modeling Methodology (HTMM) each achieved 46, while Linkability, Identifiablility, Nonrepudiation, Detectability, Disclosure of Information, Unawareness and Noncompliance (LINDDUN) scored 45. These findings underscore the value of fuzzy set theory in tandem with threat modeling to categorize and assess cybersecurity risks in cloud computing. STRIDE is recommended as an effective modeling technique for cloud environments. This comprehensive analysis provides critical insights for organizations and security experts, empowering them to proactively address recurring threats and minimize disruptions to daily operations.
Authors and Affiliations
Oludele Awodele,Chibueze Ogbonna,Emmanuel O. Ogu,Johnson O. Hinmikaiye,Jide E. T. Akinsola
Keywords
Related Articles
- EP ID EP740742
- DOI -
- Views 64
- Downloads 0
Diagnosis of Chronic Kidney Disease Based on CNN and LSTM
Kidney plays an extremely important role in human health, and one of its important tasks is to purify the blood from toxic substances. Chronic Kidney Disease (CKD) means that kidney begins to lose its function gradually...
Innovative Hybrid Deep Learning Models for Financial Sentiment Analysis
This study explores hybrid deep learning architectures for the classification of financial sentiment, focusing on the integration of the Convolutional Neural Network (CNN) with the Support Vector Machine (SVM) and the Ra...
Comparative Analysis of Machine Learning Algorithms for Sentiment Analysis in Film Reviews
Sentiment analysis, a crucial component of natural language processing (NLP), involves the classification of subjective information by extracting emotional content from textual data. This technique plays a significant ro...
Advanced Hybrid Segmentation Model Leveraging AlexNet Architecture for Enhanced Liver Cancer Detection
Liver cancer, one of the rapidly escalating forms of cancer, remains a principal cause of mortality globally. Its death rates can be attenuated through vigilant monitoring and early detection. This study aims to develop...
Automated Identification of Insect Pests: A Deep Transfer Learning Approach Using ResNet
In the realm of agriculture, crop yields of fundamental cereals such as rice, wheat, maize, soybeans, and sugarcane are adversely impacted by insect pest invasions, leading to significant reductions in agricultural outpu...