Cloud computing security: a taxonomy, threat detection and mitigation techniques

Abstract

ABSTRACT Cloud Computing is a rapidly growing emerging technology in the IT environment. Internet-based computing provides services like sharing resources e.g. network, storage, applications and software through the Internet. Cloud customers can access these services according to their need and pay only for those services which they utilize. Almost every industrial sector like banking, retail, education, healthcare, manufacturing and businesses is adopting cloud techniques within their enterprise either privately or in sharing with other enterprises. However, many security issues must be resolved because they are a barrier in adopting this fast-growing technology. This paper reviews various threats on cloud computing like distributed denial of service attack, spoofing attacks (e.g. ARP Spoofing, IP Spoofing, DNS Spoofing), man-in-the middle attack, data loss, data breach, reused IP address attack, malicious insiders, insecure interfaces & APIs etc. These security issues prevent users from adopting cloud services. This study presents various detection and prevention methods to address cloud security concerns. The effectiveness of each strategy is then analyzed based on its attributes, benefits and drawbacks. Deep learning and machine learning algorithms produce more precise findings for both known and unidentified attack patterns.