Utilizing Cloud Computing Log Events for Security Automation

Date
2019-01-01
Authors
Farrag, Khalid
Journal Title
Journal ISSN
Volume Title
Publisher
Altmetrics
Authors
Research Projects
Organizational Units
Journal Issue
Series
Abstract

The rising use of cloud computing and deploying and managing applications and services on a large-scale demand researcher to utilize cloud-logs to achieve greater continuous of security and compliance. Cloud security auto-remediation not only essential for preventing a potential breach, but also essential to prevent system frailer or accidents, and for complying with compliance requirements or legal actions. However, now most of cloud hosting services provide cloud trails or logs to identify and track security incidents. But that isn’t enough without acting at the event time.

In this research, I present a novel approach for automatic security remediation that can be built from a noisy and unstructured cloud logs. The approach utilizing cloud trails logs. Examining the records syntax will provide the complete picture of actions taken by a user, role, captured API calls for systems events.

Also, it is necessary to understand how log events can be constructed to build a strong remediation policy. In some parts, cloud providers have had little incentive to provide broad administrative access to the set of information, and that often do not provide the adequate log that can be used for security auditing or compliance. However, the ultimate goal of this research is to connect the dots of deferent events to build a strong cloud security auto-remediation policy.

Description
Keywords
security, cloud computing, log
Citation
DOI
Source