Saad, Khan and Simon, Parkinson (2017) Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing. In: Proceedings of the AAAI-17 Workshop on Artificial Intelligence for Cyber Security (AICS). AAAI.

Every cloud platform has a large number of software compo-nents, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelli-gent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confi-dentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of se-curity risks where attackers usually try to steal/corrupt per-sonal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solu-tions in ranked order. These components provide an automat-ed mechanism to generate human-readable audit reports, im-proving the overall security status without the need for expert knowledge

Khan and Parkinson.pdf - Accepted Version
Restricted to Repository staff only

Download (728kB)