The cloud computing paradigm has become really popular, and its adoption is constantly increasing. Hence, also network activities and security alerts related to cloud services are increasing and are likely to become even more relevant in the upcoming years. In this paper, we propose the first characterization of real security alerts related to cloud activities and generated by a network sensor at the edge of a large network environment over several months. Results show that the characteristics of cloud security alerts differ from those that are not related to cloud activities. Moreover, alerts related to different cloud providers exhibit peculiar and different behaviors that can be identified through temporal analyses. The methods and results proposed in this paper are useful as a basis for the design of novel algorithms for the automatic analysis of cloud security alerts, that can be aimed at forecasting, prioritization, anomaly and state-change detection.
The network perspective of cloud security / Pierazzi, Fabio; Balboni, Andrea; Guido, Alessandro; Marchetti, Mirco. - (2015), pp. 75-82. (Intervento presentato al convegno 4th IEEE Symposium on Network Cloud Computing and Applications, NCCA 2015 tenutosi a Munich, Germany nel 11-12 June 2015) [10.1109/NCCA.2015.21].
The network perspective of cloud security
PIERAZZI, FABIO;BALBONI, ANDREA;GUIDO, ALESSANDRO;MARCHETTI, Mirco
2015
Abstract
The cloud computing paradigm has become really popular, and its adoption is constantly increasing. Hence, also network activities and security alerts related to cloud services are increasing and are likely to become even more relevant in the upcoming years. In this paper, we propose the first characterization of real security alerts related to cloud activities and generated by a network sensor at the edge of a large network environment over several months. Results show that the characteristics of cloud security alerts differ from those that are not related to cloud activities. Moreover, alerts related to different cloud providers exhibit peculiar and different behaviors that can be identified through temporal analyses. The methods and results proposed in this paper are useful as a basis for the design of novel algorithms for the automatic analysis of cloud security alerts, that can be aimed at forecasting, prioritization, anomaly and state-change detection.File | Dimensione | Formato | |
---|---|---|---|
pierazzi_ncca2015.pdf
Accesso riservato
Descrizione: Articolo principale
Tipologia:
Versione pubblicata dall'editore
Dimensione
303.91 kB
Formato
Adobe PDF
|
303.91 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris