The cloud computing paradigm has become really popular, and its adoption is constantly increasing. Hence, also network activities and security alerts related to cloud services are increasing and are likely to become even more relevant in the upcoming years. In this paper, we propose the first characterization of real security alerts related to cloud activities and generated by a network sensor at the edge of a large network environment over several months. Results show that the characteristics of cloud security alerts differ from those that are not related to cloud activities. Moreover, alerts related to different cloud providers exhibit peculiar and different behaviors that can be identified through temporal analyses. The methods and results proposed in this paper are useful as a basis for the design of novel algorithms for the automatic analysis of cloud security alerts, that can be aimed at forecasting, prioritization, anomaly and state-change detection.
|Data di pubblicazione:||2015|
|Titolo:||The network perspective of cloud security|
|Autori:||Pierazzi, Fabio; Balboni, Andrea; Guido, Alessandro; Marchetti, Mirco|
|Digital Object Identifier (DOI):||10.1109/NCCA.2015.21|
|Data del convegno:||11-12 June 2015|
|Nome del convegno:||4th IEEE Symposium on Network Cloud Computing and Applications, NCCA 2015|
|Luogo del convegno:||Munich, Germany|
|Titolo del libro:||Proceedings - IEEE 4th Symposium on Network Cloud Computing and Applications, NCCA 2015|
|Appare nelle tipologie:||Relazione in Atti di Convegno|
I documenti presenti in Iris Unimore sono rilasciati con licenza Creative Commons Attribuzione - Non commerciale - Non opere derivate 3.0 Italia, salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris