Extrusion Detection of Illegal Files in Cloud-Based Systems

Hegarty, RC and Haggerty, J (2015) Extrusion Detection of Illegal Files in Cloud-Based Systems. International Journal of Space-Based and Situated Computing, 5 (3). pp. 150-158. ISSN 2044-4907

Preview

Available under License : See the attached licence file. Download (814kB) | Preview

Abstract

Cloud-based architectures have become the predominant paradigm for organisational infrastructure development due to the flexibility and scalability that these systems provide. However, issues around privacy and trust in such environments remain as has been demonstrated in recent attacks. There are two security challenges for cloud providers to resolve. First, they must ensure that only authorised downloads of potentially sensitive data can be made and they should have a means by which to detect any malicious activities. Second, any files that are uploaded to cloud providers must adhere to geographical legalities. Current security mechanisms employed in the cloud, such as firewalls and intrusion detection systems, find these issues problematic. This paper therefore presents a novel approach, XDet, for the extrusion detection of illegal files being maliciously uploaded to or downloaded from the cloud, which can be used in conjunction with other security countermeasures to ensure robust and secure cloud systems. This is achieved through the creation and detection of signatures from files of interest within the cloud network environment. The feasibility and performance study in this paper, whereby XDet has been applied to network traffic to detect files of interest, demonstrates the applicability of this approach.