User-Behavior Trust Modeling in Cloud Security
Abstract
With the cloud computing increasing in popularity by providing a massive number of services such as recourses and data center, the number of attacks is increasing. Security is a basic concern in cloud computing, and threats can occur both internally and externally. Users can access the cloud infrastructure for software, operating systems, and network infrastructure provided by the cloud service providers (CSPs). Evaluating users’ behavior in the cloud-computing infrastructure is becoming more important for both cloud users (CSs) and the CSPs that must ensure safety for users accessing the cloud. Because user authentication alone is not enough to ensure the users’ safety and due to the rise of insider threats, the users’ behavior must be monitored. User-behavior trust plays a critical role in ensuring the users’ authenticity as well as safety.
To address the research problem, we proposed two models to monitor the users’ behavior in the cloud and then to calculate the users’ trust value. The proposed models improve the current trust models. Our proposed models address the issue of trust fraud with the concept of “slow increase.” The proposed models deal with malicious conduct by constantly aggravating the penalty approach (principle of “fast decline”). The proposed models reflect the users’ latest credibility through excluding the expired trust policy in the trust calculation. The proposed models evaluate users based on a large amount of evidence which ensures that the users’ trust value is stable. We generate a dataset to simulate audit logs containing the designed user-behavior patterns. Thus, we use the dataset to evaluate our proposed models.