Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing

Saad Khan, Simon Parkinson

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.
LanguageEnglish
Title of host publicationProceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS)
PublisherAssociation for the Advancement of Artificial Intelligence
Number of pages8
Publication statusPublished - 21 Mar 2017
EventArtificial Intelligence for Cyber Security - San Francisco, United States
Duration: 4 Feb 20174 Feb 2017
http://www-personal.umich.edu/~arunesh/AICS2017/index.html (Link to Workshop Details )

Workshop

WorkshopArtificial Intelligence for Cyber Security
Abbreviated titleAAAI-17 AICS
CountryUnited States
CitySan Francisco
Period4/02/174/02/17
Internet address

Fingerprint

Knowledge based systems
Expert systems
Data privacy

Cite this

Khan, S., & Parkinson, S. (2017). Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. In Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS) Association for the Advancement of Artificial Intelligence.
Khan, Saad ; Parkinson, Simon. / Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS). Association for the Advancement of Artificial Intelligence, 2017.
@inproceedings{f45da06390564bfb846f00f4f198b6ce,
title = "Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing",
abstract = "Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.",
keywords = "Cloud Computing, cloud security, Information security, security auditing, autonomous security auditing",
author = "Saad Khan and Simon Parkinson",
year = "2017",
month = "3",
day = "21",
language = "English",
booktitle = "Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS)",
publisher = "Association for the Advancement of Artificial Intelligence",

}

Khan, S & Parkinson, S 2017, Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. in Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS). Association for the Advancement of Artificial Intelligence, Artificial Intelligence for Cyber Security, San Francisco, United States, 4/02/17.

Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. / Khan, Saad; Parkinson, Simon.

Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS). Association for the Advancement of Artificial Intelligence, 2017.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing

AU - Khan, Saad

AU - Parkinson, Simon

PY - 2017/3/21

Y1 - 2017/3/21

N2 - Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.

AB - Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.

KW - Cloud Computing

KW - cloud security

KW - Information security

KW - security auditing

KW - autonomous security auditing

UR - http://www-personal.umich.edu/~arunesh/AICS2017/index.html

M3 - Conference contribution

BT - Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS)

PB - Association for the Advancement of Artificial Intelligence

ER -

Khan S, Parkinson S. Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. In Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS). Association for the Advancement of Artificial Intelligence. 2017