Citation :

Chaitanya Vootkuri, 2023. "AI-Powered Cloud Security: A Unified Approach to Threat Modeling and Vulnerability Management" ESP International Journal of Advancements in Computational Technology (ESP-IJACT)  Volume 1, Issue 1: 150-159.

Abstract :

Cloud computing has become one of the most important tools that have transformed business by providing solutions at the right price. Huge global popularity has led to the seemingly countless number of cloud services, and thus, security has become a critical issue. The technology known as Artificial Intelligence (AI) has turned out to become a useful weapon to fight against these challenges since threat detection, management of vulnerabilities, limiting threat proneness and formation of counterattacks can be availed through AI solutions. This paper introduces a single model of AI application in cloud security that addresses threat modeling and vulnerability assessment and management. This approach thus improves the dynamism and responsiveness of CS systems by using AI techniques like machine learning, natural language processing and anomaly detection. This paper also analyses how AI is integrated with traditional cloud platforms or architectures, as well as the advantages and disadvantages of doing so. Specific contributions made include a thorough analysis of how AI can be applied to cloud security, an analysis of its effectiveness, and an examination of the development trajectories of AI in clouds. The conclusions presented in the paper clearly demonstrate the ability of AI to radically change the protection of cloud structures from modern cyber threats.

References :

[1] Walkowski, M., Oko, J., & Sujecki, S. (2021). Vulnerability management models using a common vulnerability scoring system. Applied Sciences, 11(18), 8735.

[2] Behl, A. (2011, December). Emerging security challenges in cloud computing: An insight into cloud security challenges and their mitigation. In 2011 World Congress on Information and Communication Technologies (pp. 217-222). IEEE.

[3] Stallings, W. (2015). Foundations of modern networking: SDN, NFV, QoE, IoT, and Cloud. Addison-Wesley Professional.

[4] Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of network and computer applications, 34(1), 1-11.

[5] Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in the cloud. Journal of network and computer applications, 36(1), 42-57.

[6] Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications surveys & tutorials, 18(2), 1153-1176.

[7] Sommer, R., & Paxson, V. (2010, May). Outside the closed world: On using machine learning for network intrusion detection. In 2010 IEEE symposium on security and privacy (pp. 305-316). IEEE.

[8] Chandola, V., Banerjee, A., & Kumar, V. (2009). Anomaly detection: A survey. ACM computing surveys (CSUR), 41(3), 1-58.

[9] Li, Y., Ma, R., & Jiao, R. (2015). A hybrid malicious code detection method based on deep learning. International journal of security and its applications, 9(5), 205-216.

[10] Papernot, N., McDaniel, P., Sinha, A., & Wellman, M. (2016). Towards the science of security and privacy in machine learning. arXiv preprint arXiv:1611.03814.

[11] Goodfellow, I. J., Shlens, J., & Szegedy, C. (2014). Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572.

[12] Ribeiro, M. T., Singh, S., & Guestrin, C. (2016, August). " Why should I trust you?" Explaining the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD international conference on knowledge discovery and data mining (pp. 1135-1144).

[13] Verma, D. C., Verma, A., & Mangla, U. (2021, December). Addressing the Limitations of AI/ML in Creating Cognitive Solutions. In 2021, IEEE third international conference on cognitive machine intelligence (CogMI) (pp. 189-196). IEEE.

[14] Bolanle, O., & Bamigboye, K. (2019). AI-Powered Cloud Security: Leveraging Advanced Threat Detection for Maximum Protection. International Journal of Trend in Scientific Research and Development, 3(2), 1407-1412.

[15] Bloch, D. A. (2023). Machine learning: Models and algorithms. Available at SSRN 4493977.

[16] García, S., Ramírez-Gallego, S., Luengo, J., Benítez, J. M., & Herrera, F. (2016). Big data preprocessing: methods and prospects. Big data analytics, 1, 1-22.

[17] Silva, V. S., Freitas, A., & Handschuh, S. (2019). On the semantic interpretability of artificial intelligence models. arXiv preprint arXiv:1907.04105.

[18] Li, X., He, K., Feng, Z., & Xu, G. (2014). Unified threat model for analysing and evaluating software threats. Security and Communication Networks, 7(10), 1454-1466.

[19] Farooqui, M. N. I., Arshad, J., & Khan, M. M. (2022). A layered approach to threat modelling for 5G-based systems. Electronics, 11(12), 1819.

[20] Chirra, D. R. (2020). AI-Based Real-Time Security Monitoring for Cloud-Native Applications in Hybrid Cloud Environments. Revista de Inteligencia Artificial en Medicina, 11(1), 382-402.

Keywords :

Cloud Computing, Threat Modeling, Vulnerability Management, Machine Learning, Cybersecurity, Anomaly Detection.