Research field: Safety
Venue: Cluster Computing
The 21st-century surge in computing infrastructure across mobile, centralized, and decentralized realms in the cloud has ushered in a new era of diverse applications, along with its nemesis, cybercrime. However, this progress comes hand in hand with amplified security risks, such as ransomware attacks by a honeypot user and delays in user response while the governing applications and back end are exposed to constant static/dynamic security scans. Security measures such as multi-factor authentication, strong passwords, network segmentation, endpoint security, robust firewall and intrusion detection systems, and user awareness are on the rise. Still, these efforts fall short when endpoint security fails, to name a few. In this paper, a study is conducted that delves into the use of Data Analytics/Machine Learning (ML) techniques using the TCP/IP 3-way handshake data (viz. TCP.Delta Times). The methodology works on various network-related objectives. The proposed methodology is devoid of any neural net training or deep packet introspection, which cannot be achieved in real time. The proposed methodology is implemented on two network/security issues: (1) flagging suspicious activities by a honeypot user or ransomware user and alerting the network administrator as part of their CI/CD process, and (2) measuring user lag in accessing back-end resources when the application is under a continuous static/dynamic scan. The proposed methodology was successfully used as a pilot run in two enterprises with great results.
| Publication year | 2025 |
|---|---|
| Citations | 0 |
| Country of publication | United States, Austria |
| Site | Springer |