International Journal of Electrical and Computer Engineering (IJECE)
Vol. 5, No. 1, February 2015, pp. 136~141
ISSN: 2088-8708
Journal homepage: http://iaesjournal.com/online/index.php/IJECE
Mitigation of Insider Attacks through Multi-Cloud
T. Gunasekhar, K. Thirupathi Rao, V. Krishna Reddy, P. Sai Kiran, B. Thirumala Rao
Dept of CSE, K L University, Andhra Pradesh, India
Email: tgunasekhar@kluniversity.in, kthirupathirao@kluniversity.in
Article Info
Article history:
Received Sep 16, 2014
Revised Nov 7, 2014
Accepted Dec 5, 2014
ABSTRACT
The malicious insider can be an employee, a user and/or a third-party business partner. In a cloud environment, clients may store sensitive data about their organization in cloud data centers. The cloud service provider should ensure integrity, security, access control and confidentiality of the data stored at cloud data centers. Malicious insiders can steal sensitive data at cloud storage and at organizations. Most organizations ignore the insider attack because it is harder to detect and mitigate. This is a major emerging problem at cloud data centers as well as in organizations. In this paper, we propose a method that ensures security, integrity, access control and confidentiality of the sensitive data of cloud clients by employing multiple cloud service providers. The organization should encrypt the sensitive data according to its security policy and procedures and store the encrypted data in a trusted cloud. The keys used during the encryption process are themselves encrypted and stored in another cloud area, so that the organization holds only the keys for the keys of the encrypted data. The administrator of the organization also does not know what data is kept in the cloud area, and if he accesses the data he is easily caught during auditing. Hence, only the authorized user can access and use the data, and we can mitigate insider attacks by providing restricted privileges.
Keyword:
Attacks
Confidential
Insider
Intellectual Property
Sabotage
Copyright © 2015 Institute of Advanced Engineering and Science. All rights reserved.
Corresponding Author:
T. Gunasekhar,
Research Scholar, Department of Computer Science and Engineering,
K L University,
Greenfields, Vaddeswaram, Guntur District, Andhra Pradesh 522502, India
Email: tgunasekhar@gmail.com
1. INTRODUCTION
According to the CERT definition of insider threat “A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to an organization's network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization's information or information systems” [1]. An insider attack can be defined as an intentional misuse of a computer system that has potential data about an organization. According to this definition, the attacker can be an employee, a contractor and/or a third-party business partner. The damages of insider threat are: IT sabotage, theft of confidential information, trade secrets and intellectual property (IP). 85% of reported fraud is committed by people within the organization [1]. A typical organization loses approximately 5% of its annual revenue to insider fraud, and 330 cases of insider fraud were identified during 2010. Every organization therefore needs secure management of sensitive data and intellectual property. In a cloud environment most insider threats can be carried out by cloud insiders, so a robust security algorithm should be provided on client data [2]. In this paper we provide a prototype for securing data at data centers as well as in organizational databases.
2. THE INSIDER THREAT
The organizations or cloud providers can recruit participants by word of mouth and advertisements; the participants can then be assigned terms and conditions. Each condition describes a scenario of the same task to be completed, but provides a role that manipulates their “intent” [3].
TYPES OF INSIDER THREAT
Based on the levels of access privileges, the insider threat can be broadly categorized into four types:
- Pure insider
- Insider associate
- Insider affiliate
- Outside affiliate
Each has its own level of access credentials and different motives.
Pure Insider (Employee)
An employee has all access rights and typically holds a badge or keys to the organization's data centers. In fact, employees may know the logical and physical structure of sensitive data well, because they have every right to access the data and the company cannot restrict employees during work hours. Employees are therefore the most dangerous with respect to insider threats, and such insider threats are possible only from employees of that company. The elevated insider is an insider who has auxiliary privileges beyond those of normal employees. System administrators or root administrators, who have full power over central data, may have additional access to do their job, but in some cases they get more access than they require.
Most often, to reduce insider threats, companies need to restrict people by providing limited and accurate access to information systems. Pure insiders can be restrained from insider attacks through three key aspects. The first is limited access privileges that correspond to their general duties. By doing so we can prevent, and easily detect, an insider who carries out malicious activities on sensitive information. Here, the key is controlled and limited access. The second key falls under the behavior of insiders. In general, when someone is committed to an insider attack, their behavior pattern may differ from usual. Such persons openly speak badly about the company and/or the resources assigned to them. They are usually very angry with the organization and unhappy about workloads, and they are ready to leave the company. The third factor for pure insiders is money. Ordinary employees would not commit insider attacks, but if workload and financial problems become an issue they might be tempted to attack. If someone offers employees a lump sum to make all their problems go away, they might commit to performing insider attacks.
Insider Associate
Insider associates are not employees, but they have some sort of access, physical rather than to the company network. The insider associate might have limited access to physical elements instead of the company network. Security guards, cleaners, contractors and/or business partners fit under this category. After working hours some employees may leave sensitive data on their desks; the insider associate may copy that data and carry out malicious activity on it. Here, the problem is that a main key is maintained at a central location and can be used by anyone to gain access to the office. Some insider affiliates are sophisticated about computer resources and make copies of sensitive data. This is a kind of insider attack. To prevent such attacks, general employees should be aware of them. Employees should understand that these people have auxiliary access privileges, and they should lock systems and secure sensitive data before they leave the company.
Insider Affiliate
Insider affiliates are not employees in the way pure insiders and insiders are. Pure insiders and insider associates have reason to access company resources, but insider affiliates do not. The insider affiliate is a friend, spouse and/or third-party client of that organization. On some occasions friends of employees may visit them; they can get access using the employee's credentials through remote access. When they get engaged with some work, the insider affiliates might steal sensitive information from the employee's desk. This is a simple problem, but it may lead to insider attacks. Suppose the spouse wants to use the employee's laptop; the employee might give the credentials to the insider affiliate. She can modify, delete or copy the sensitive data on the laptop, which leads to insider data loss or threat. It seems to be a very simple problem, but its result shows how dangerous it is. To prevent insider attacks from insider affiliates, employees should be educated in the policies and procedures of the company.
Outside Affiliate
Outside affiliates are not a part of the company and do not have legitimate access to the company's resources. An unprotected wireless network is the best example. The outside attacker may access the network without any access privileges. Outsiders are then free to use it and can do whatever they want. This is an obvious problem in companies, and companies should be aware of such attacks. Companies should upgrade their security policies and procedures. These attacks are easy to identify or detect.
In some scenarios participants may have fallen on a hard financial period; among them, the malicious employees or participants can accept a new, higher-paying job offered by a new company or competitor, but they want to bring along the inside information of the old organization.
After completing formalities and pre-study questionnaires, all the participants receive the necessary components with their respective scenario. The participants play their roles during working hours over specified days to complete their tasks. The resources were configured to monitor both network- and host-based behavior at all times. When the participants have finished, they should return the resources to the research leads.
In addition to this normal behavior, the malicious participants are more likely to relieve their jobs into data-gathering periods, i.e., more logoffs, more logons and indirect data access. Malicious participants also avoided by searching for detailed data by accessing project sites and relevant shared data directories.
Figure 1. States of Insiders
Figure 1 shows this relationship, and gives a summary of example attacks and/or vulnerabilities each level of administrator could exploit.
Insider Threats in CSP
The insiders in this scenario are the cloud provider and cloud clients: malicious administrators working for the cloud provider and for cloud clients may misuse their privileges to destroy the cloud data [3]. Malicious insiders may steal the intellectual property of other employees and use those credentials to destroy or steal information systems in cloud data centers. The result of these attacks on cloud data centers varies from data breaches to data theft from the infected systems and data centers. Detecting such indirect access is a challenging task. All common cloud services such as PaaS, SaaS and IaaS are equally exposed to insider attacks as long as the insider has privileges to access data centers and/or cloud management systems [2] [4]. Hence, the cloud computing paradigm could be utilized to outsource vast parts of the infrastructure instead of specific services, such as web hosting or application hosting. The following section demonstrates the generic model view of insider attacks in the cloud era.
3. GENERIC MODEL
The generic model of the cloud environment provides facilities for clients to store their sensitive data, software as a service (software is provided as a service by the cloud provider), platform as a service (the platform is provided as a service) [6] [7] and infrastructure as a service. In general, organizations want to use cloud services in a secure manner instead of purchasing products [10]. Because of security concerns, organizations want to keep their data secure, so the data can be encrypted using cryptography algorithms and stored in cloud data centers. The encryption mechanism needs key management to process information; this is a trivial task for clients. Figure 2 depicts a generic version of a cloud-based organization. Here, the administrators of the organization and of the cloud service providers have valid privileges to access the cloud information stored at cloud data centers [5].
Figure 2. Generic model
But the insider may have malicious intent toward the stored data and might perform unusual operations on sensitive data. In such an environment the cloud provider has access privileges to the cloud data center, so insiders of the cloud may perform harmful activities against clients by using the cryptographic keys of the relevant data [10]. Organizations suffer under the generic model whenever they lose intellectual property and privileges. Hence the generic model has weak potential to secure clients' information systems.
4. PROPOSED MODEL
Our proposed secure cloud model includes the same components as the generic model discussed in the earlier section, with additional security features such as firewalls and an algorithm. The operation of this algorithm is described in more detail below.
Figure 3. Proposed Model
Another important aspect here is that multiple clouds are utilized to keep the data secure. The encrypted information is stored in one cloud data center, and another cloud can be used to store the keys of the cryptography algorithm. To encrypt the information we need a strong cryptography algorithm, which may have keys, i.e., a public key and/or a private key. In the generic model the cloud provider has authorized access to cloud data centers, through which they can perform malicious tasks on stored data. The generic model is not secure because the encrypted information and the keys are stored in the same cloud data centers. If insiders of one cloud gain access, they can perform nontraditional tasks on the entire data system as a legitimate user. The proposed model vanquishes these issues by using heterogeneous clouds. The following elaborates the process of the methodology:
1. To maintain sensitive data in a secure manner, it should be encrypted with a strong cryptography algorithm.
2. Store the encrypted sensitive data in a cloud under a secure mutual agreement between the cloud provider and the company.
3. Keys used while encrypting the data are stored on another cloud, taking into account the security policies of the cloud service provider.
4. Provide digital certificates to the insiders of the cloud provider as well as to insiders of the organization, to authorize the right persons.
5. Establish network monitoring and auditing tools to detect unintended behavior of insiders.
6. Through this model we can provide utmost security to the stored data.
By using this framework, organizations can protect their sensitive data from intrusive access.
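An added sketch (not code from the paper) of steps 1, 2, 3 and 5 above and of the abstract's "keys for keys" idea: each record gets its own data key, the ciphertext goes to one cloud, the data key wrapped under an organization-held key goes to another, and each cloud's access log is audited. The `Cloud` class, the function names and the sample record are assumptions, and the HMAC-SHA256 encrypt-then-MAC construction is a standard-library stand-in for an AEAD such as AES-GCM.

```python
import hashlib
import hmac
import secrets

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream (stdlib stand-in for AES-GCM).
    return b"".join(_prf(key, nonce + i.to_bytes(8, "big")) for i in range(n // 32 + 1))[:n]

def _xor(data, key, nonce):
    return bytes(d ^ k for d, k in zip(data, _stream(key, nonce, len(data))))

def seal(key, label, plaintext):
    """Encrypt-then-MAC; the record label is authenticated so blobs cannot be swapped."""
    nonce = secrets.token_bytes(16)
    ct = _xor(plaintext, _prf(key, b"enc"), nonce)
    tag = _prf(_prf(key, b"mac"), hashlib.sha256(label).digest() + nonce + ct)
    return nonce + ct + tag

def unseal(key, label, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = _prf(_prf(key, b"mac"), hashlib.sha256(label).digest() + nonce + ct)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key, wrong label or modified blob")
    return _xor(ct, _prf(key, b"enc"), nonce)

class Cloud:
    """Constructed in-memory stand-in for one provider's object store and access log."""
    def __init__(self, name):
        self.name, self.objects, self.audit = name, {}, []

    def put(self, who, record, blob):
        self.audit.append((who, "put", record))
        self.objects[record] = blob

    def get(self, who, record):
        self.audit.append((who, "get", record))
        return self.objects[record]

def store(data_cloud, key_cloud, kek, who, record, plaintext):
    dek = secrets.token_bytes(32)                      # step 1: fresh data key per record
    label = record.encode()
    data_cloud.put(who, record, seal(dek, label, plaintext))  # step 2: ciphertext to cloud A
    key_cloud.put(who, record, seal(kek, label, dek))         # step 3: wrapped key to cloud B

def load(data_cloud, key_cloud, kek, who, record):
    label = record.encode()
    dek = unseal(kek, label, key_cloud.get(who, record))      # needs the organization's KEK
    return unseal(dek, label, data_cloud.get(who, record))

def unauthorized_reads(cloud, authorized):
    # step 5: audit the access log for readers outside the authorized set
    return [(who, rec) for who, op, rec in cloud.audit if op == "get" and who not in authorized]

if __name__ == "__main__":
    a, b, kek = Cloud("data-cloud"), Cloud("key-cloud"), secrets.token_bytes(32)
    store(a, b, kek, "alice", "plan.txt", b"constructed sample record")
    print(load(a, b, kek, "alice", "plan.txt"))
    a.get("org-admin", "plan.txt")                     # admin sees ciphertext only, and is logged
    print(unauthorized_reads(a, {"alice"}))
```

An insider at either provider alone holds ciphertext or a wrapped key, never both plus the key-encrypting key; step 4 (certificates for authorizing persons) is outside this sketch.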
5. CONCLUSION
We identified two types of insider threat in cloud computing. The first is the insider who works for the cloud provider; they could cause a great deal of information damage to both the provider and its customers. The second is the insider who works for the organization that decides to outsource. We described and documented the differences between the traditional insider and the malicious insider in the cloud. The proposed model ensures security for the key server, sensitive data and other information systems in cloud data centers as well as in organizations. According to the Internet threat resource center, twenty four percent of the data breaches reported from financial institutions during 2008, twenty percent of government information breaches and sixteen percent of private business data breaches were caused by insider attacks. 50 percent of government websites are vulnerable; those have no security mechanisms. Even though this framework provides security for stored data, there are some concerns about key management, and side channel attacks are possible. Our research continues on side channel attacks in order to prevent such attacks.
REFERENCES
[1] www.cert.com/insider-threat.
[2] Miltiadis Kandias, Nikos Virvilis, Dimitris Gritzalis, “The insider threat in cloud computing”, Information Security & Critical Infrastructure Protection Research Laboratory, 2012.
[3] Theoharidou M., Kokolakis S., Karyda M., Kiountouzis E., “The insider threat to Information Systems and the effectiveness of ISO 17799”, Computers & Security, Vol. 24, No. 6, pp. 472-484, 2005.
[4] Bishop M., Gates C., “Defining the Insider Threat”, in Proc. of the 4th Annual Workshop on Cyber Security and Information Intelligence Research, Tennessee, Vol. 288, 2008.
[5] Armbrust M., Fox A., Griffith R., Joseph A., Katz R., Konwinski A., Lee G., Patterson D., Rabkin A., Stoica I., Zaharia M., “Above the Clouds: A Berkeley View of Cloud Computing”, UCB/EECS-2009-28, Univ. of California at Berkeley, USA, 2009.
[6] Ruby K., Shaw E., Post J., “The insider threat to information systems: The psychology of the dangerous insider”, Security Awareness Bulletin, Vol. 2, pp. 1-10, 1988.
[7] Kandias M., Mylonas A., Theoharidou M., Gritzalis D., “Exploitation of auctions for outsourcing security-critical projects”, in Proc. of the 16th IEEE Symposium on Computers and Communications (ISCC ‘11), Greece, 2011.
[8] Anderson J., “Computer security threat monitoring and surveillance”, Technical Report, Anderson Company, Pennsylvania, 1980.
[9] Schultz E., “A framework for understanding and predicting insider attacks”, Computers & Security, Vol. 21, No. 6, pp. 526-531, 2002.
[10] Thompson P., “Weak models for insider threat detection”, in Proc. of the Defense and Security Symposium, Florida, 2004.
[11] Bradford P., Hu N., “A layered approach to insider threat detection and proactive forensics”, in Proc. of the 21st Annual Computer Security Applications Conference, 2005.
BIOGRAPHIES OF AUTHORS
T. Gunasekhar received his Bachelor of Technology and Master of Technology from Jawaharlal Nehru Technological University Anantapur in 2011 and 2013 respectively. He is pursuing a PhD at K L University in the computer science and engineering stream. His areas of research are cloud computing, computer networks and network security.
Dr. K. Thirupathi Rao, M.Tech., Ph.D., is working as Professor and Head of the Department in the Computer Science and Engineering department at KL University, Guntur Dist., A.P., India. His research interests include cloud computing, operating systems and computer networks. He has published a large number of technical papers in national and international conferences and journals. At present he is serving as Program Committee (PC) Member of various international conferences. He is Chief Technical Advisory Board Member, Chief Editor, Editor and Technical Reviewer of many international journals. He obtained his doctoral degree for a topic related to scheduling in the area of cloud computing. He has a good number of publications in reputed international journals and is guiding 8 research scholars in the area of cloud computing.