Abstract

Cloud concepts such as resource sharing, outsourcing, and multi-tenancy create significant challenges to the security community. Also, trusted third party and web technologies based cloud service provisioning arises new security threats in the cloud environment. Cloud security has become a vital research area with new security models, protocols, and policies in recent years. Despite the fact, the existing cloud security research still faces the shortcomings in improving the detection accuracy and detecting the new or unknown attacks in the cloud. To address the constraints above, many security researchers have focused on developing cloud security models with the assistance of the machine learning methods. Machine learning techniques play a significant role in automatically discovering the potential difference between legitimate and malicious data with high accuracy. The deep learning is a branch of machine learning that provides remarkable performance in cloud security issues. This survey provides a comprehensive study of cloud security concerns, traditional security measures, and machine learning-based security solutions in the cloud environment. Initially, it identifies cloud vulnerabilities and presents state-of-the-art methods to control security threats, weaknesses, and attacks. This work also reviews the security solutions developed by machine learning and deep learning techniques for the cloud environment.

References

• Varghese, B. and Buyya, R., “Next generation cloud computing: New trends and research directions”, Future Generation Computer Systems, Vol.79, pp.849-861, 2018
• Almorsy, M., Grundy, J. and Müller, I., “An analysis of the cloud computing security problem”, arXiv preprint arXiv:1609.01107, 2016
• Singh, S., Jeong, Y.S. and Park, J.H., “A survey on cloud computing security: Issues, threats, and solutions”, Journal of Network and Computer Applications, Vol.75, pp.200-222, 2016
• Mishra, P., Pilli, E.S., Varadharajan, V. and Tupakula, U., “Intrusion detection techniques in cloud environment: A survey”, Journal of Network and Computer Applications, Vol.77, pp.18-47, 2017
• Liu, H. and Lang, B., “Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey”, Applied Sciences, Vol.9, No.20, p.4396, 2019
• Kumar, R.S.S., Wicker, A. and Swann, M., “Practical machine learning for cloud intrusion detection: challenges and the way forward”, In Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security, pp.81-90, 2017
• Zekri, M., El Kafhali, S., Aboutabit, N. and Saadi, Y., “DDoS attack detection using machine learning techniques in cloud computing environments”, IEEE 3rd International Conference of Cloud Computing Technologies and Applications (CloudTech), pp.1-7, 2017
• Xin, Y., Kong, L., Liu, Z., Chen, Y., Li, Y., Zhu, H., Gao, M., Hou, H. and Wang, C., “Machine learning and deep learning methods for cybersecurity”, IEEE Access, Vol.6, pp.35365-35381, 2018
• Khorshed, M.T., Ali, A.S. and Wasimi, S.A., “A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing”, Future Generation computer systems, Vol.28, No.6, pp.833-851, 2012
• Wani, A.R., Rana, Q.P., Saxena, U. and Pandey, N., “Analysis and Detection of DDoS Attacks on Cloud Computing Environment using Machine Learning Techniques”, IEEE Amity International Conference on Artificial Intelligence (AICAI), pp.870-875, 2019
• Pitropakis, N., Panaousis, E., Giannetsos, T., Anastasiadis, E. and Loukas, G., “A taxonomy and survey of attacks against machine learning”, Computer Science Review, Vol.34, p.100199, 2019
• Papernot, N., McDaniel, P., Sinha, A. and Wellman, M., “Towards the science of security and privacy in machine learning”, arXiv preprint arXiv:1611.03814, 2016
• Khan, M.A., “A survey of security issues for cloud computing”, Journal of network and computer applications, Vol.71, pp.11-29, 2016
• Dahbur, K., Mohammad, B. and Tarakji, A.B., “A survey of risks, threats and vulnerabilities in cloud computing”, In Proceedings of the 2011 International conference on intelligent semantic Web-services and applications, pp.1-6, 2011
• Singh, A. and Chatterjee, K., “Cloud security issues and challenges: A survey”, Journal of Network and Computer Applications, Vol.79, pp.88-115, 2017
• Zeadally, S., Yu, B., Jeong, D.H. and Liang, L., “Detecting insider threats: Solutions and trends” Information security journal: A global perspective, Vol.21, No.4, pp.183-192, 2012
• Hong, J.B., Nhlabatsi, A., Kim, D.S., Hussein, A., Fetais, N. and Khan, K.M., “Systematic identification of threats in the cloud: A survey”, Computer Networks, Vol.150, pp.46-69, 2019
• Kumar, R. and Goyal, R., “On cloud security requirements, threats, vulnerabilities and countermeasures: A survey”, Computer Science Review, Vol.33, pp.1-48, 2019
• Juliadotter, N.V. and Choo, K.K.R., “Cloud attack and risk assessment taxonomy”, IEEE Cloud Computing, Vol.2, No.1, pp.14-20, 2015
• Alarqan, M.A., Zaaba, Z.F. and Almomani, A., “Detection Mechanisms of DDoS Attack in Cloud Computing Environment: A Survey”, In International Conference on Advances in Cyber Security, Springer, pp.138-152, 2019
• Lin, W.C., Ke, S.W. and Tsai, C.F., “CANN: An intrusion detection system based on combining cluster centers and nearest neighbors”, Knowledge-based systems, Vol.78, pp.13-21, 2015
• Elhag, S., Fernández, A., Bawakid, A., Alshomrani, S. and Herrera, F., “On the combination of genetic fuzzy systems and pairwise learning for improving detection rates on intrusion detection systems”, Expert Systems with Applications, Vol.42, No.1, pp.193-202, 2015
• Buczak, A.L. and Guven, E., “A survey of data mining and machine learning methods for cyber security intrusion detection”, IEEE Communications surveys & tutorials, Vol.18, No.2, pp.1153-1176, 2016
• Kwon, D., Kim, H., Kim, J., Suh, S.C., Kim, I. and Kim, K.J., “A survey of deep learning-based network anomaly detection”, Cluster Computing, pp.1-13, 2017
• Hochenbaum, J., Vallis, O.S. and Kejariwal, A., “Automatic anomaly detection in the cloud via statistical learning”, arXiv preprint arXiv:1704.07706, 2017
• Gulenko, A., Wallschläger, M., Schmidt, F., Kao, O. and Liu, F., “Evaluating machine learning algorithms for anomaly detection in clouds”, IEEE International Conference on Big Data (Big Data), pp.2716-2721, 2016
• Habeeb, R.A.A., Nasaruddin, F., Gani, A., Hashem, I.A.T., Ahmed, E. and Imran, M., “Real-time big data processing for anomaly detection: A Survey. International Journal of Information Management, Vol.45, pp.289-307, 2019
• Jia, W., Shukla, R.M. and Sengupta, S., “Anomaly Detection using Supervised Learning and Multiple Statistical Methods”, 18th IEEE International Conference On Machine Learning And Applications (ICMLA), pp.1291-1297, 2019
• Salman, T., Bhamare, D., Erbad, A., Jain, R. and Samaka, M., “Machine learning for anomaly detection and categorization in multi-cloud environments”, IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud), pp.97-103, 2017
• Wang, G., Yang, J. and Li, R., “Imbalanced SVM‐Based Anomaly Detection Algorithm for Imbalanced Training Datasets”, Etri Journal, Vol.39, No.5, pp.621-631, 2017
• Alguliyev, R.M., Aliguliyev, R.M. and Abdullayeva, F.J., “Hybridisation of classifiers for anomaly detection in big data”, International Journal of Big Data Intelligence, Vol.6, No.1, pp.11-19, 2019
• Watson, M.R., Marnerides, A.K., Mauthe, A. and Hutchison, D., “Malware detection in cloud computing infrastructures”, IEEE Transactions on Dependable and Secure Computing, Vol.13, No.2, pp.192-205, 2015
• Wang, G., Yang, J. and Li, R., “An anomaly detection framework based on ICA and Bayesian classification for IaaS platforms”, KSII Transactions on Internet and Information Systems (TIIS), Vol.10, No.8, pp.3865-3883, 2016
• Hosseini, S. and Azizi, M., “The hybrid technique for DDoS detection with supervised learning algorithms”, Computer Networks, Vol.158, pp.35-45, 2019
• Gai, K., Qiu, M. and Elnagdy, S.A., “Security-aware information classifications using supervised learning for cloud-based cyber risk management in financial big data”, IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), pp.197-202, 2016
• Ariyaluran Habeeb, R.A., Nasaruddin, F., Gani, A., Amanullah, M.A., Abaker Targio Hashem, I., Ahmed, E. and Imran, M., “Clustering‐based real‐time anomaly detection—A breakthrough in big data technologies”, Transactions on Emerging Telecommunications Technologies, p.e3647, 2019
• Elsner, D., Aleatrati Khosroshahi, P., MacCormack, A.D. and Lagerström, R., “Multivariate Unsupervised Machine Learning for Anomaly Detection in Enterprise Applications”, In Proceedings of the 52nd Hawaii International Conference on System Sciences, 2019
• Gander, M., Felderer, M., Katt, B., Tolbaru, A., Breu, R. and Moschitti, A., “Anomaly detection in the cloud: Detecting security incidents via machine learning”, InInternational Workshop on Eternal Systems, Springer, pp.103-116, 2012
• Abdelsalam, M., Krishnan, R. and Sandhu, R., “Clustering-based IaaS cloud monitoring”, IEEE 10th International Conference on Cloud Computing (CLOUD), pp.672-679, 2017
• Zhang, X., Meng, F. and Xu, J., “Perfinsight: A robust clustering-based abnormal behavior detection system for large-scale cloud”, IEEE 11th International Conference on Cloud Computing (CLOUD), pp.896-899, 2018
• Sauvanaud, C., Silvestre, G., Kaâniche, M. and Kanoun, K., “Data stream clustering for online anomaly detection in cloud applications”, IEEE 11th European Dependable Computing Conference (EDCC), pp.120-131, 2015
• Kim, H., Kim, J., Kim, Y., Kim, I. and Kim, K.J., “Design of network threat detection and classification based on machine learning on cloud computing”, Cluster Computing, Vol.22, No.1, pp.2341-2350, 2019
• Nedelkoski, S., Cardoso, J. and Kao, O., “Anomaly Detection and Classification using Distributed Tracing and Deep Learning”, 2018
• Garg, S., Kaur, K., Kumar, N., Kaddoum, G., Zomaya, A.Y. and Ranjan, R., “A hybrid deep learning-based model for anomaly detection in cloud datacenter networks”, IEEE Transactions on Network and Service Management, Vol.16, No.3, pp.924-935, 2019
• Garg, S., Kaur, K., Batra, S., Aujla, G.S., Morgan, G., Kumar, N., Zomaya, A.Y. and Ranjan, R., “En-ABC: An ensemble artificial bee colony based anomaly detection scheme for cloud environment”, Journal of Parallel and Distributed Computing, Vol.135, pp.219-233, 2020
• Alrawashdeh, K. and Purdy, C., “Toward an online anomaly intrusion detection system based on deep learning”, 15th IEEE International Conference on Machine Learning and Applications (ICMLA), pp.195-200, 2016
• Yang, Z.X., Qin, X.L., Li, W.R. and Yang, Y.J., “A DDoS detection approach based on CNN in cloud computing”, In Applied Mechanics and Materials, Vol.513, pp.579-584, 2014
• Wang, M., Lu, Y. and Qin, J., “A dynamic MLP-based DDoS attack detection method using feature selection and feedback”, Computers & Security, Vol.88, p.101645, 2020
• Wen, T. and Keyes, R., “Time Series Anomaly Detection Using Convolutional Neural Networks and Transfer Learning”, arXiv preprint arXiv:1905.13628, 2019
• Vercruyssen, V., Meert, W. and Davis, J., “Transfer learning for time series anomaly detection”, In CEUR Workshop Proceedings, Vol.1924, pp.27-37, 2017
• Zhao, J., Shetty, S. and Pan, J.W., “Feature-based transfer learning for network security”, In MILCOM 2017-2017 IEEE Military Communications Conference (MILCOM), pp.17-22, 2017
• Zhao, J., Shetty, S., Pan, J.W., Kamhoua, C. and Kwiat, K., “Transfer learning for detecting unknown network attacks”, EURASIP Journal on Information Security, Vol.2019, No.1, p.1, 2019
• Zhang, X., Kim, J., Lin, Q., Lim, K., Kanaujia, S.O., Xu, Y., Jamieson, K., Albarghouthi, A., Qin, S., Freedman, M.J. and Xiong, Y., “Cross-dataset time series anomaly detection for cloud systems”, In 2019 {USENIX} Annual Technical Conference ({USENIX}{ATC} 19), pp.1063-1076, 2019.
• Samreen, F., Blair, G.S. and Elkhatib, Y., “Transferable Knowledge for Low-cost Decision Making in Cloud Environments”, arXiv preprint arXiv:1905.02448, 2019