A Model for Detecting Information Technology Infrastructure Policy Violations in a Cloud Environment

Date

2019-09

Publisher

The International Journal Of Science And Technoledge

Abstract

The pervasiveness of the internet and available connectivity solutions brought about by cloud computing has led to an unprecedented increase in technologies built on information technology infrastructures. Most organizations consider the deployment of different types of protection systems to curb the various malicious activities. Organizations offer sophisticated monitoring and reporting capabilities to identify attacks against the cloud environment, while stopping multiple classes of attacks before they successfully interfere with network activities. Users with ill intentions have increasingly used the cloud as an attack vector due to its ubiquity, scalability and open nature, despite the existence of policy violation detection systems, necessitating the need to strengthen access policies from time to time. Policy violation detection plays a major role in information security by providing a systematic way of detecting and interpreting attacks. Some of the known weaknesses of most detection tools are the generation of false positives or false alerts and the inability to perform analysis if traffic is encrypted, as well as failure to detect and prevent attacks. This research paper was concerned with the investigation of weaknesses of the firewall and Intrusion Detection System (IDS) which are supported by the cloud. The research design for the paper was based on mixed methods. Experimental results revealed weakness in existing systems, specifically IDS and firewall. Unlike the existing systems, the new model designed to overcome the shortfall was able to detect both known and unknown attacks and signatures. Moreover, the model was capable of preventing the occurrence of false positives and of terminating suspicious nodes in real time without human intervention. Based on the tests carried out, it was recommended that the policy violation detection model be implemented to guarantee protection.
An additional area of application, such as migration from one cloud to another, is not achievable at this moment because of the heterogeneous nature of the cloud. This is a potential area for investigation in future.

Keywords

POVIDE model, policy violation, develop, cloud, detection, weaknesses, attacks

Citation

Oginga, R., Musau, F., & Maghanga, C. (2019). A Model for Detecting Information Technology Infrastructure Policy Violations in a Cloud Environment. The International Journal of Science & Technoledge, 7(9). https://doi.org/10.24940/theijst/2019/v7/i9/st1909-009