Cyber Threats to the Private Academic Cloud

Authors

  • Valerii Lakhno National University of Life and Environmental Sciences of Ukraine
  • Bakhytzhan Akhmetov Abai Kazakh National Pedagogical University
  • Olena Kryvoruchko State University of Trade and Economics
  • Vitalyi Chubaievskyi State University of Trade and Economics
  • Alona Desyatko State University of Trade and Economics http://orcid.org/0000-0002-2284-3418
  • Madina Bereke Abai Kazakh National Pedagogical University
  • Maria Shalabaeva Kazakh University Ways of Communications

Abstract

The potential breach of access to confidential content hosted in a university's Private Academic Cloud (PAC) underscores the need for developing new protection methods. This paper introduces a Threat Analyzer Software (TAS) and a predictive algorithm rooted in both an operational model and discrete threat recognition procedures (DTRPs). These tools aid in identifying the functional layers that attackers could exploit to embed malware in guest operating systems (OS) and the PAC hypervisor. The solutions proposed herein play a crucial role in ensuring countermeasures against malware introduction into the PAC. Various hypervisor components are viewed as potential threat sources to the PAC's information security (IS). Such threats may manifest through the distribution of malware or the initiation of processes that compromise the PAC's security. The demonstrated counter-threat method, which is founded on the operational model and discrete threat recognition procedures, facilitates the use of mechanisms within the HIPV to quickly identify cyber attacks on the PAC, especially those employing "rootkit" technologies. This prompt identification empowers defenders to take swift and appropriate actions to safeguard the PAC.

References

REFERENCES

Kiv, A. E., Shyshkina, M. P., Semerikov, S., Striuk, A. M., Striuk, M. I., & Shalatska, H. M. (2020, July). CTE 2019–When cloud technologies ruled the education. In Ceur workshop proceedings (Vol. 2643, pp. 1-59).

Paxton, N. C. (2016, November). Cloud security: a review of current issues and proposed solutions. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC) (pp. 452-455). IEEE.

Wang, Y., Deng, S., Lin, W. M., Zhang, T., & Yu, Y. (2010, October). Research of electric power information security protection on cloud security. In 2010 International Conference on Power System Technology (pp. 1-6). IEEE.

Lewis, K. (2017). Virtual private cloud security. In Computer and Information Security Handbook (pp. 937-942). Morgan Kaufmann.

Butt, U. A., Amin, R., Mehmood, M., Aldabbas, H., Alharbi, M. T., & Albaqami, N. (2023). Cloud security threats and solutions: A survey. Wireless Personal Communications, 128(1), 387-413.

©

The Author(s). This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY https://creativecommons.org/licenses/by/4.0/), which permits use, distribution, and reproduction in any medium, provided that the Article is properly cited.

0, V. LAKHNO, B. AKHMETOV, O. KRYVORUCHKO, V. CHUBAIEVSKYI, A. DESIATKO, M. BEREKE AND M. SHALABAEVA

Chavan, P., Patil, P., Kulkarni, G., Sutar, R., & Belsare, S. (2013, December). IaaS cloud security. In 2013 International Conference on Machine Intelligence and Research Advancement (pp. 549-553). IEEE.

Vaquero, L. M., Rodero-Merino, L., & Morán, D. (2011). Locking the sky:

a survey on IaaS cloud security. Computing, 91, 93-118.

Velev, D., & Zlateva, P. (2011). Cloud infrastructure security. In Open Research Problems in Network Security: IFIP WG 11.4 International Workshop, iNetSec 2010, Sofia, Bulgaria, March 5-6, 2010, Revised Selected Papers (pp. 140-148). Springer Berlin Heidelberg.

Kankhare, D. D., & Manjrekar, A. A. (2016, December). A cloud based system to sense security vulnerabilities of web application in open-source private cloud IAAS. In 2016 International Conference on Electrical, Electronics, Communication, Computer and Optimization Techniques (ICEECCOT) (pp. 252-255). IEEE.

Rajesh, M. (2017). A systematic review of cloud security challenges in higher education. The Online Journal of Distance Education and eLearning, 5(1).

Alimboyong, C. R., & Bucjan, M. E. (2021). Cloud Computing Adoption among State Universities and Colleges in the Philippines: Issues and Challenges. International Journal of Evaluation and Research in Education, 10(4), 1455-1461.

Chatterjee, P., Mukherjee, S., Bose, R., & Roy, S. (2021). A Review on Information Security in Cloud Based System during Covid-19 pandemic. Brainwave, Brainware University, 2(1), 60-69.

Najm, Y. A., Alsamaraee, S., & Jalal, A. A. (2022). Cloud computing security for e-learning during COVID-19 pandemic. Indonesian Journal of Electrical Engineering and Computer Science, 27(3), 1610-1618.

Hui, S. C., Kwok, M. Y., Kong, E. W., & Chiu, D. K. (2023). Information security and technical issues of cloud storage services: a qualitative study on university students in Hong Kong. Library Hi Tech.

Mulyar, I. V., Miroshnichenko, O. V., Krasnik, A. V., & Solodeeva, L. V. (2018). Protection against hidden threats in the cloud computing environment. Collection of scientific works of the Military Institute of Taras Shevchenko Kyiv National University, (59), 115-126.

Molyakov, A. S., Zaborovsky, V. S., & Lukashin, A. A. (2015). Model of hidden IT security threats in the cloud computing environment. Automatic Control and Computer Sciences, 49, 741-744.

Molyakov, A. S. (2014). Means of countering hidden threats to information security in the cloud computing environment (Doctoral dissertation, St. Petersburg State Polytechnic University).

Zaborovsky, V.S. and Lukashin, A.A., High performance protected cloud, Otkrytye Sist., SUBD, 2013, no. 6, pp. 10–13

Lakhno, V., Kazmirchuk, S., Kovalenko, Y., Myrutenko, L., Zhmurko, T. Design of adaptive system of detection of cyber-attacks, based on the model of logical procedures and the coverage matrices of features (2016) Eastern-European Journal of Enterprise Technologies, 3 (9), pp. 30-38.

Lakhno, V. et al. (2023). The Model of Server Virtualization System Protection in the Educational Institution Local Network. In: Shakya, S., Papakostas, G., Kamel, K.A. (eds) Mobile Computing and Sustainable Informatics. Lecture Notes on Data Engineering and Communications Technologies, vol 166. Springer, Singapore. https://doi.org/10.1007/978981-99-0835-6_33

Lakhno, V., Akhmetov, B., Mohylnyi, H., Blozva, A., Chubaievskyi, V., Kryvoruchko, O., & Desiatko, A. (2022). Multi-criterial optimization composition of cyber security circuits based on genetic algorithm. Journal of Theoretical and Applied Information Technology, 100(7), 1996-2006. ISSN 1992864

B.S. Akhmetov, V. Lakhno, B.B. Akhmetov, A. Zhilkishbayev, N. Izbasova, O. Kryvoruchko, A. Desiatko, Application of a Genetic Algorithm for the Selection of the Optimal Composition of Protection Tools of the Information and Educational System of the University, Procedia Computer Science, Volume 215, 2022, Pages 598-607, ISSN 1877-0509, https://doi.org/10.1016/j.procs.2022.12.062.

Valerii Lakhno, Zhuldyz Alimseitova, Yerbolat Kalaman, Olena Kryvoruchko, Alona Desiatko, and Serhii Kaminskyi. Development of an Information Security System Based on Modeling Distributed Computer Network Vulnerability Indicators of an Informatization Object. International Journal of Electronics and Telecommunications, 2023, VOL. 69, NO. 3, PP. 475-483 10.24425/ijet.2023.146495

Lakhno, V. et al. (2021). Information Security Audit Method Based on the Use of a Neuro-Fuzzy System. In: Silhavy, R., Silhavy, P., Prokopova, Z. (eds) Software Engineering Application in Informatics. CoMeSySo 2021. Lecture Notes in Networks and Systems, vol 232. Springer, Cham. https://doi.org/10.1007/978-3-030-90318-3_17

Additional Files

Published

2024-06-20

Issue

Vol. 70 No. 2 (2024)

Section

Cryptography and Cybersecurity

License

Copyright (c) 2024 International Journal of Electronics and Telecommunications

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

1. License

The non-commercial use of the article will be governed by the Creative Commons Attribution license as currently displayed on https://creativecommons.org/licenses/by/4.0/.

2. Author’s Warranties

The author warrants that the article is original, written by stated author/s, has not been published before, contains no unlawful statements, does not infringe the rights of others, is subject to copyright that is vested exclusively in the author and free of any third party rights, and that any necessary written permissions to quote from other sources have been obtained by the author/s. The undersigned also warrants that the manuscript (or its essential substance) has not been published other than as an abstract or doctorate thesis and has not been submitted for consideration elsewhere, for print, electronic or digital publication.

3. User Rights

Under the Creative Commons Attribution license, the author(s) and users are free to share (copy, distribute and transmit the contribution) under the following conditions: 1. they must attribute the contribution in the manner specified by the author or licensor, 2. they may alter, transform, or build upon this work, 3. they may use this contribution for commercial purposes.

4. Rights of Authors

Authors retain the following rights:

- copyright, and other proprietary rights relating to the article, such as patent rights,

- the right to use the substance of the article in own future works, including lectures and books,

- the right to reproduce the article for own purposes, provided the copies are not offered for sale,

- the right to self-archive the article

- the right to supervision over the integrity of the content of the work and its fair use.

5. Co-Authorship

If the article was prepared jointly with other authors, the signatory of this form warrants that he/she has been authorized by all co-authors to sign this agreement on their behalf, and agrees to inform his/her co-authors of the terms of this agreement.

6. Termination

This agreement can be terminated by the author or the Journal Owner upon two months’ notice where the other party has materially breached this agreement and failed to remedy such breach within a month of being given the terminating party’s notice requesting such breach to be remedied. No breach or violation of this agreement will cause this agreement or any license granted in it to terminate automatically or affect the definition of the Journal Owner. The author and the Journal Owner may agree to terminate this agreement at any time. This agreement or any license granted in it cannot be terminated otherwise than in accordance with this section 6. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.

7. Royalties

This agreement entitles the author to no royalties or other fees. To such extent as legally permissible, the author waives his or her right to collect royalties relative to the article in respect of any use of the article by the Journal Owner or its sublicensee.

8. Miscellaneous

The Journal Owner will publish the article (or have it published) in the Journal if the article’s editorial process is successfully completed and the Journal Owner or its sublicensee has become obligated to have the article published. Where such obligation depends on the payment of a fee, it shall not be deemed to exist until such time as that fee is paid. The Journal Owner may conform the article to a style of punctuation, spelling, capitalization and usage that it deems appropriate. The Journal Owner will be allowed to sublicense the rights that are licensed to it under this agreement. This agreement will be governed by the laws of Poland.

By signing this License, Author(s) warrant(s) that they have the full power to enter into this agreement. This License shall remain in effect throughout the term of copyright in the Work and may not be revoked without the express written consent of both parties.