GSTF Journal on Computing (JoC)

In the past few years, cloud computing has become
a new paradigm for hosting and delivering services over the
Internet. Customers can directly access the resources (hardware
and software) of cloud computing services over the Internet
without the need to have specific knowledge about the resources.
This flexibility has also made cloud services more vulnerable to
potential attack. A key issue is that the cloud services rely upon a
simple authentication login and remain accessible to users
afterward for significant periods of time. This makes cloud
computing services vulnerable to misuse. Well-known service
providers including Dropbox (2012) and Apple (2014) have
suffered from attacks, leading to sensitive information of their
customers being exposed. As a result, there is a growing need for
increasing the trust among end-users and cloud service providers
and to be able to continuously monitor users to identify potential
misuse. User behavior profiling is one technology that has been
applied with various technologies/services to provide continuous
re-authentication of a user transparently in order to monitor and
improve the security of a system. This paper investigates the
current state of the art in this approach and examines its
applicability within cloud services. A preliminary experiment is
undertaken using Dropbox log data to explore the feasibility of
the approach within this type cloud service. The initial analysis of
the proposed approach is very encouraging and provides the
basis for proposing a novel multi-level behavioural profiling
architecture.