Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.
|Title of host publication||Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS)|
|Publisher||Association for the Advancement of Artiﬁcial Intelligence|
|Number of pages||8|
|Publication status||Published - 21 Mar 2017|
|Event||Artificial Intelligence for Cyber Security - San Francisco, United States|
Duration: 4 Feb 2017 → 4 Feb 2017
http://www-personal.umich.edu/~arunesh/AICS2017/index.html (Link to Workshop Details )
|Workshop||Artificial Intelligence for Cyber Security|
|Abbreviated title||AAAI-17 AICS|
|Period||4/02/17 → 4/02/17|
Khan, S., & Parkinson, S. (2017). Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. In Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS) Association for the Advancement of Artiﬁcial Intelligence.