Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.
Original languageEnglish
Title of host publicationProceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS)
PublisherAssociation for the Advancement of Artificial Intelligence
Number of pages8
Publication statusPublished - 21 Mar 2017
EventArtificial Intelligence for Cyber Security - San Francisco, United States
Duration: 4 Feb 20174 Feb 2017
http://www-personal.umich.edu/~arunesh/AICS2017/index.html (Link to Workshop Details )

Workshop

WorkshopArtificial Intelligence for Cyber Security
Abbreviated titleAAAI-17 AICS
CountryUnited States
CitySan Francisco
Period4/02/174/02/17
Internet address

    Fingerprint

Cite this

Khan, S., & Parkinson, S. (2017). Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. In Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS) Association for the Advancement of Artificial Intelligence.