The Insider Threat in Cloud Computing

  • Conference paper
Critical Information Infrastructure Security (CRITIS 2011)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6983)

Abstract

Cloud computing is an emerging technology paradigm that enables and facilitates the dynamic and versatile provision of computational resources and services. Although cloud computing offers several advantages, there are still second thoughts about the security and privacy of cloud services. Use of cloud services affects the security posture of organizations and critical infrastructures; it is therefore necessary that the new threats and risks introduced by this paradigm are clearly understood and mitigated. In this paper we focus on the insider threat in cloud computing, a topic which has not received research focus so far. We address the problem in a holistic way, differentiating between two possible scenarios: a) defending against a malicious insider working for the cloud provider, and b) defending against an insider working for an organization which chooses to outsource part or all of its IT infrastructure to the cloud. We identify the potential problems for each scenario and propose appropriate countermeasures in an effort to mitigate the problem.

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kandias, M., Virvilis, N., Gritzalis, D. (2013). The Insider Threat in Cloud Computing. In: Bologna, S., Hämmerli, B., Gritzalis, D., Wolthusen, S. (eds) Critical Information Infrastructure Security. CRITIS 2011. Lecture Notes in Computer Science, vol 6983. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41476-3_8

  • DOI: https://doi.org/10.1007/978-3-642-41476-3_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41475-6

  • Online ISBN: 978-3-642-41476-3

  • eBook Packages: Computer Science, Computer Science (R0)
