Fog Computing: Mitigating Insider Data Theft Attacks in the Cloud

Author

Stolfo, Salvatore J. ; Salem, M.B. ; Keromytis, Angelos D.

Author_Institution

Comput. Sci. Dept., Columbia Univ., New York, NY, USA

fYear

2012

fDate

24-25 May 2012

Firstpage

125

Lastpage

128

Abstract

Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider. We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user´s real data. Experiments conducted in a local file setting provide evidence that this approach may provide unprecedented levels of user data security in a Cloud environment.

Keywords

cloud computing; security of data; business information; cloud computing; cloud provider; communications paradigms; data access patterns; data protection mechanisms; disinformation attack; encryption; fog computing; insider data theft attacks mitigation; local file setting; offensive decoy technology; personal information; user data security; Accuracy; Cloud computing; Detectors; Encryption; Monitoring; Twitter; Decoys; Fog Computing; Insider Threat; User Behavior Profiling;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy Workshops (SPW), 2012 IEEE Symposium on

Conference_Location

San Francisco, CA

Print_ISBN

978-1-4673-2157-0

Type

conf

DOI

10.1109/SPW.2012.19

Filename

6227695