Defending Against Anomalies in Cloud Services and Live Migration

Abstract

The advent of the cloud is changing how we deploy software, use the Internet, and manage networks. Virtualisation in the cloud provides numerous benefits such as efficient fault tolerance, load balancing, resource optimisation, and proactive server maintenance. However, these advantages are offset by a change in the overall security posture and the introduction of new security issues. Such vulnerabilities can be used to perform a malicious activity in cloud environments, particularly when data is migrated across multi-cloud data centres. This thesis aims to reduce the impact of cloud-based attacks such as insider and outsider threats by developing novel, incrementally and independently deployable cloud-based security solutions using both proactive prevention and reactive detection techniques. The ability to locate and isolate malicious cloud attacks is critical for conducting necessary mitigation, at an early stage, to minimise the impact of the attack and restore cloud services quickly. This research provides three original contributions to the body of knowledge in the area of cyber-attacks against intrusion detection solutions. The first key contribution is the development of a new Transit Node Identification method for effectively detecting IP hijacking attacks and their malicious transit nodes. This method would allow countermeasures, such as automatic de-peering, to be proactively implemented in a timely manner. It also serves as an intelligent system for assessing and detecting early malicious activities for securing cloud operations. The second major contribution is the development of a new collaborative anomaly detection system for discovering insider and outsider attacks from cloud centres and their live migration process. The proposed system has been evaluated using different datasets and its performance compared with several anomaly detection methods to determine its effectiveness while deploying it at cloud data servers. The final key contribution is the development of a blockchain-based secure distributed mechanism for enabling privacy preservation immutable migration of virtual machines between multi-cloud service providers. We also proposed a new deep learning collaborative anomaly detection framework for detecting blockchain-based attacks and fraudulent transactions.