Method for Cyber Threats Detection and Identification in Modern Cloud Services

Abstract

AbstractToday cloud technologies and their applications are implementing in various ICT infrastructures. It has led to increased attention to the problems of cyber threats, the growth of which is inseparably linked with the growth of ICT. In this paper the analysis of the existing models, systems and methods for cyber threats detection was carried out for their disadvantages defining. A model of cloud service has been developed; it allows to ensure the security of cloud service based on cloud computing and conduct appropriate simulations. Improved method for cyber threats detection has been developed, it allows to detect cyber threats in cloud services and classify them. The developed method was experimentally investigated using NSL-KDD data base as well as simulation tools RStudio and CloudSim. It was proved the correctness of its work and the possibility of application in cloud services as well as increase efficiency of cloud system security by 48.02%. In addition, a cloud service model has been developed that can be used to build cloud services based on the various cloud computing architecture. In the future, based on the proposed method and model, appropriate tools for detecting and classifying cyber threats in cloud services can be developed. It is significant because it can be autonomous functional unit of SIEM as well as other instrumental tools of CSIRT/SOC.KeywordsInformation technologyCloud ServiceInformation securityCyber threatDetectionIdentificationNSL-KDD