Adaptive Behavioral Profiling for Identity Verification in Cloud Computing: A Model and Preliminary Analysis

In the past few years, cloud computing has become a new paradigm for hosting and delivering services over the Internet. Customers can directly access the resources (hardware and software) of cloud computing services over the Internet without the need to have specific knowledge about the resources. This flexibility has also made cloud services more vulnerable to potential attack. A key issue is that the cloud services rely upon a simple authentication login and remain accessible to users afterward for significant periods of time. This makes cloud computing services vulnerable to misuse. Well-known service providers including Dropbox (2012) and Apple (2014) have suffered from attacks, leading to sensitive information of their customers being exposed. As a result, there is a growing need for increasing the trust among end-users and cloud service providers and to be able to continuously monitor users to identify potential misuse. User behavior profiling is one technology that has been applied with various technologies/services to provide continuous re-authentication of a user transparently in order to monitor and improve the security of a system. This paper investigates the current state of the art in this approach and examines its applicability within cloud services. A preliminary experiment is undertaken using Dropbox log data to explore the feasibility of the approach within this type cloud service. The initial analysis of the proposed approach is very encouraging and provides the basis for proposing a novel multi-level behavioural profiling architecture.