A System for Detecting Malicious Insider Data Theft in IaaS Cloud Environments

Authors

Jason Nikolai, Dakota State University
Yong Wang, Dakota State University

Document Type

Conference Proceeding

Publication Date

12-2016

Abstract

The Cloud Security Alliance lists data theft and insider attacks as critical threats to cloud security. Our work puts forth an approach using a train, monitor, detect pattern which leverages a stateful rule based k-nearest neighbors anomaly detection technique and system state data to detect inside attacker data theft on Infrastructure as a Service (IaaS) nodes. We posit, instantiate, and demonstrate our approach using the Eucalyptus cloud computing infrastructure where we observe a 100 percent detection rate for abnormal login events and data copies to outside systems.

Recommended Citation

Nikolai, Jason and Wang, Yong, "A System for Detecting Malicious Insider Data Theft in IaaS Cloud Environments" (2016). Faculty Research & Publications. 3.
https://scholar.dsu.edu/ccspapers/3