Threat-Path Estimate-Based Watchword-Chunk Algorithm for Advanced Persistent Threat in the Cloud

Babu Pandipati, Praveen Sam R.
Copyright: © 2022 |Pages: 32
DOI: 10.4018/IJWSR.299021

Abstract

In cloud computing, an advanced persistent threat (APT) is a cyber-attack that gains access to a network and remains undetected for some time. APTs have proven difficult to detect and protect against, and existing systems fail to analyze the path of an outbreak when they monitor the nodes and assign weights to them. If a path for an outbreak is detected, the VM is migrated to hosts without accounting for overloaded and underutilized hosts or for the size of the resources occupied by the VM, and traffic therefore increases. This paper proposes the Threat-Path Reckon technique, which detects multiple paths through re-identification and automatically adds weights for neighbor nodes. Based on those weighted paths, the Secured Object Emigration technique invokes a mapping function to migrate the VMs. Finally, the data in the VM are stored in a best-fit distribution, thus it provides security but achieves the search overheads.

Introduction

The recent boom in the development of Cloud Computing (CC) technology has caused a similar boom in hacker attack methods, which are being constantly updated. Industries as well as government now face more serious threats to information security (Vines, Krutz, (2010)). The threat to information from advanced persistent threat (APT) is much greater than that from independent hackers and poses an enormous challenge to network information security systems. Among the important characteristics of APT is that it is advanced and intrusion is at a very high level. It also has a strong shielding ability and the attack path is often indiscernible, which makes it more difficult for traditional methods to detect and put up a defense (Sabahi, (2011)). It is also persistent: the attack is continuous and of long duration, which also makes it difficult for single, point-based detection techniques to handle. Although the fact that APT’s carrier exists in big data brings a series of difficulties to APT detection and protection, big data can also be used to test for and respond to APT (Che, Duan, et al., (2011)). If there is comprehensive information data at all levels and stages, and any interactive behavior is detected, different data can be used to find different stages for APT analysis.

APT is a major attack model that goes on for a long time, involves a large amount of data traffic, and is multi-faceted (Shaikh, Haider, (2011)). This mode of attack presents major hurdles to which traditional single-point feature matching detection can hardly put up serious and effective resistance. In the traditional data storage model, the enterprise needs to build and manage a server, storage modules, communication devices, and human resources. On the contrary, multi-cloud storage provides customers with more flexibility, scalability, and convenience in low-speed data storage, based on memory requirements, rather than on how to create and maintain storage. It is, therefore, necessary to develop an efficient method for secure data sharing in multi-cloud storage (Bisong, Rahman, (2011)).

One of the best solutions to reduce data risks in multi-cloud storage is the parallel use of many clouds. Several researchers have developed several models using multi-cloud storage services. They differ in file cutting and distribution and cryptographic techniques used. On the other hand, the TPA might be dishonest and turn into an adversary (Heiser, Nicolett, (2008)). As a result, the malicious position of the TPA may cause significant harm by sharing the sensitive and private data of the CC with unauthorized parties and altering the privacy of the CC in order to obtain financial gains and other benefits (Paquette, Jaeger, et al., (2010)). Therefore, to preserve the privacy of the CC, we need to be able to detect whether the TPA plays a dishonest role while conducting the audit of confidential information and private data of the CC. Several existing guidelines are available in the literature to keep the TPA's potential malicious activities reviewed and controlled (Agarwal, Agarwal, (2011)). Similarly, an analytical model-based approach for quality evaluation of infrastructure-as-a-service cloud is presented in (Xia, Yunni, et al., (2013)). In those existing protocols, however, computational and communication overheads are not addressed in full, leaving room for possible malicious activities from the TPA. Therefore, a lightweight protocol is required to protect the privacy of the CC and to detect the malicious activities of the TPA, if any (Chou, (2013)).
