{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T15:03:18Z","timestamp":1781535798208,"version":"3.54.5"},"reference-count":105,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2014,2,3]],"date-time":"2014-02-03T00:00:00Z","timestamp":1391385600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/3.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>Cloud computing is an emerging technology paradigm that migrates current technological and computing concepts into utility-like solutions similar to electricity and water systems. Clouds bring out a wide range of benefits including configurable computing resources, economic savings, and service flexibility. However, security and privacy concerns are shown to be the primary obstacles to a wide adoption of clouds. The new concepts that clouds introduce, such as multi-tenancy, resource sharing and outsourcing, create new challenges to the security community. Addressing these challenges requires, in addition to the ability to cultivate and tune the security measures developed for traditional computing systems, proposing new security policies, models, and protocols to address the unique cloud security challenges. In this work, we provide a comprehensive study of cloud computing security and privacy concerns. We identify cloud vulnerabilities, classify known security threats and attacks, and present the state-of-the-art practices to control the vulnerabilities, neutralize the threats, and calibrate the attacks. Additionally, we investigate and identify the limitations of the current solutions and provide insights of the future security perspectives. Finally, we provide a cloud security framework in which we present the various lines of defense and identify the dependency levels among them. We identify 28 cloud security threats which we classify into five categories. We also present nine general cloud attacks along with various attack incidents, and provide effectiveness analysis of the proposed countermeasures.<\/jats:p>","DOI":"10.3390\/computers3010001","type":"journal-article","created":{"date-parts":[[2014,2,3]],"date-time":"2014-02-03T11:17:25Z","timestamp":1391426245000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":210,"title":["Cloud Computing Security: A Survey"],"prefix":"10.3390","volume":"3","author":[{"given":"Issa","family":"Khalil","sequence":"first","affiliation":[{"name":"Qatar Computing Research Institute (QCRI), Qatar Foundation, Doha, Qatar"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abdallah","family":"Khreishah","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, Newark College of Engineering, New Jersey Institute of Technology, University Heights, Newark, NJ 07102, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Muhammad","family":"Azeem","sequence":"additional","affiliation":[{"name":"College of Information Technology, United Arab Emirates University, PO Box 15551, Al Ain, United Arab Emirates"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2014,2,3]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Tripathi, A., and Mishra, A. (2011, January 14\u201316). Cloud computing security considerations. Proceedings of the 2011 IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC), Xi\u2019an, China.","DOI":"10.1109\/ICSPCC.2011.6061557"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Wang, J.-J., and Mu, S. (2011, January 15\u201318). Security issues and countermeasures in cloud computing. Proceedings of the 2011 IEEE International Conference on Grey Systems and Intelligent Services (GSIS), Nanjing, China.","DOI":"10.1109\/GSIS.2011.6043978"},{"key":"ref_3","unstructured":"Final Version of NIST Cloud Computing Definition Published. Available online:http:\/\/www.nist.gov\/itl\/csd\/cloud-102511.cfm."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Lv, H., and Hu, Y. (2011, January 20\u201321). Analysis and research about cloud computing security protect policy. Proceedings of the 2011 International Conference on Intelligence Science and Information Engineering (ISIE), Wuhan, China.","DOI":"10.1109\/ISIE.2011.16"},{"key":"ref_5","unstructured":"Mell, P., and Grance, T. USA."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Jain, P., Rane, D., and Patidar, S. (2011, January 11\u201314). A survey and analysis of cloud model-based security for computing secure cloud bursting and aggregation in renal environment. Proceedings of the 2011 World Congress on Information and Communication Technologies (WICT), Mumbai, India.","DOI":"10.1109\/WICT.2011.6141288"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Gowrigolla, B., Sivaji, S., and Masillamani, M.R. (2010, January 17\u201319). Design and auditing of cloud computing security. Proceedings of the 2010 5th International Conference on Information and Automation for Sustainability (ICIAFs), Colombo, Sri Lanka.","DOI":"10.1109\/ICIAFS.2010.5715676"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Houmansadr, A., Zonouz, S.A., and Berthier, R. (2011, January 27\u201330). A cloud-based intrusion detection and response system for mobile phones. Proceedings of the 2011 IEEE\/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W), Hong Kong, China.","DOI":"10.1109\/DSNW.2011.5958860"},{"key":"ref_9","unstructured":"Gu, C.-D., Li, J.-X., Wu, J.-P., Fu, Y.-L., Lu, K., and Si, M.-X. (December, January 30). Wireless broadband application technology investigation of IPv6 optical network cloud computing. Proceedings of the 2010 6th International Conference on Advanced Information Management and Service (IMS), Seoul, Korea."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Sabahi, F. (2011, January 27\u201329). Virtualization-level security in cloud computing. Proceedings of the 2011 IEEE 3rd International Conference on Communication Software and Networks (ICCSN), Xi\u2019an, China.","DOI":"10.1109\/ICCSN.2011.6014716"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"220","DOI":"10.1109\/TSC.2011.24","article-title":"Towards secure and dependable storage services in cloud computing","volume":"5","author":"Wang","year":"2012","journal-title":"IEEE Trans. Serv. Comput."},{"key":"ref_12","unstructured":"Lingfeng, C., and Hoang, D.B. (2011, January 16\u201318). Towards scalable, fine-grained, intrusion-tolerant data protection models for healthcare cloud. Proceedings of the 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Changsha, China."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Morin, J., Aubert, J., and Gateau, B. (2012, January 4\u20137). Towards cloud computing SLA risk management: Issues and challenges. Proceedings of the 2012 45th Hawaii International Conference on System Science (HICSS), Maui, HI, USA.","DOI":"10.1109\/HICSS.2012.602"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"523","DOI":"10.1109\/TDSC.2010.74","article-title":"ELMO: Energy aware local monitoring in sensor networks","volume":"8","author":"Khalil","year":"2011","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Khalil, I., and Bagchi, S. (2008, January 22\u201325). MISPAR: Mitigating stealthy packet dropping in locally-monitored multi-hop wireless Ad Hoc networks. Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks (SecureComm \u201908), Istanbul, Turkey. article 28.","DOI":"10.1145\/1460877.1460913"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Khalil, I. (2010, January 6\u201310). MCC: Mitigating colluding collision attacks in wireless sensor networks. Proceedings of the 2010 IEEE Global Telecommunications Conference (GLOBECOM 2010), Miami, FL, USA.","DOI":"10.1109\/GLOCOM.2010.5683731"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Hayajneh, M., Khalil, I., and Gadallah, Y. (\u2013, January June). An OFDMA-based MAC protocol for under water acoustic wireless sensor network. Proceedings of the 2009 ACM International Conference on Wireless Communications and Mobile Computing (IWCMC\u201909), Leipzig, Germany.","DOI":"10.1145\/1582379.1582556"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Khalil, I., Hayajneh, M., and Awad, M. (2009, January 5\u20138). SVNM: Secure verification of neighborhood membership in static multi-hop wireless networks. Proceedings of the IEEE Symposium on Computers and Communications, 2009, ISCC 2009, Sousse.","DOI":"10.1109\/ISCC.2009.5202232"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Sengupta, S., Kaulgud, V., and Sharma, V.S. (2011, January 4\u20139). Cloud computing security\u2014Trends and research directions. Proceedings of the 2011 IEEE World Congress on Services (SERVICES), Washington, DC, USA.","DOI":"10.1109\/SERVICES.2011.20"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., and Molina, J. (2009, January 13). Controlling data in the cloud: Outsourcing computation without outsourcing control. Proceedings of the 2009 ACM Workshop on Cloud Computing Security, Chicago, IL, USA.","DOI":"10.1145\/1655008.1655020"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Samarati, P., and di Vimercati, S.D.C. (2010, January 4\u20138). Data protection in outsourcing scenarios: Issues and directions. Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS \u201910), Chicago, IL, USA.","DOI":"10.1145\/1755688.1755690"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Popovic, O., Jovanovic, Z., Jovanovic, N., and Popovic, R. (2011, January 5\u20138). A comparison and security analysis of the cloud computing software platforms. Proceedings of the 2011 10th International Conference on Telecommunication in Modern Satellite Cable and Broadcasting Services (TELSIKS), Nis, Serbia.","DOI":"10.1109\/TELSKS.2011.6143192"},{"key":"ref_23","unstructured":"Gul, I., ur Rehman, A., and Islam, M.H. (2011, January 21\u201323). Cloud computing security auditing. Proceedings of the 2011 The 2nd International Conference on Next Generation Information Technology (ICNIT), Gyeongju, Korea."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Kandukuri, B.R., Paturi, V.R., and Rakshit, A. (2009, January 21\u201325). Cloud security issues. Proceedings of the IEEE International Conference on Services Computing, 2009 (SCC \u201909), Bangalore, India.","DOI":"10.1109\/SCC.2009.84"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Chen, Z., and Yoon, J. (2010, January 5\u201310). IT auditing to assure a secure cloud computing. Proceedings of the 2010 6th World Congress on Services (SERVICES-1), Miami, FL, USA.","DOI":"10.1109\/SERVICES.2010.118"},{"key":"ref_26","unstructured":"Ryan, G.W., and Bernard, H.R. Data Management and Analysis Methods. Available online:http:\/\/www.rand.org\/pubs\/external_publications\/EP20000033.html."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"345","DOI":"10.1177\/1468794103033004","article-title":"The status of method: Flexibility, consistency and coherence","volume":"3","author":"Holloway","year":"2003","journal-title":"Qual. Res."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1186\/1869-0238-4-5","article-title":"An analysis of security issues for cloud computing","volume":"4","author":"Hashizume","year":"2013","journal-title":"J. Internet Serv. Appl."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1016\/j.future.2010.12.006","article-title":"Addressing cloud computing security issues","volume":"28","author":"Zissis","year":"2012","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Md Whaiduzzaman, M., Sookhak, M., Gani, A., and Buyya, R. (2013). A survey on vehicular cloud computing. J. Netw. Comput. Appl.","DOI":"10.1016\/j.jnca.2013.08.004"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1191\/1478088706qp063oa","article-title":"Using thematic analysis in psychology","volume":"3","author":"Braun","year":"2006","journal-title":"Qual. Res. Psychol."},{"key":"ref_32","unstructured":"A Survey on Cloud Computing Security, Challenges and Threats|Whitepapers|TechRepublic. Available online:http:\/\/www.techrepublic.com\/whitepapers\/a-survey-on-cloud-computing-security-challenges-and-threats\/3483757."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Thalmann, S., Bachlechner, D., Demetz, L., and Maier, R. (2012, January 4\u20137). Challenges in cross-organizational security management. Proceedings of the 2012 45th Hawaii International Conference on System Science (HICSS), Maui, HI, USA.","DOI":"10.1109\/HICSS.2012.148"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Riquet, D., Grimaud, G., and Hauspie, M. (2012, January 4\u20136). Large-scale coordinated attacks: Impact on the cloud security. Proceedings of the 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), Palermo, Italy.","DOI":"10.1109\/IMIS.2012.76"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Gonzalez, N., Miers, C., Redigolo, F., Carvalho, T., Simplicio, M., Naslund, M., and Pourzandi, M. (December, January 29). A quantitative analysis of current security concerns and solutions for cloud computing. Proceedings of the 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), Athens, Greece.","DOI":"10.1109\/CloudCom.2011.39"},{"key":"ref_36","unstructured":"Rachel Suresh, N., and Mathew, S.V. (2011, January 11\u201314). Security concerns for cloud computing in aircraft data networks. Proceedings of the 2011 International Conference for Internet Technology and Secured Transactions (ICITST), Abu Dhabi, United Arab Emirates."},{"key":"ref_37","unstructured":"Fangfei, Z., Goel, M., Desnoyers, P., and Sundaram, R. (2011, January 25\u201327). Scheduler vulnerabilities and coordinated attacks in cloud computing. Proceedings of the 2011 10th IEEE International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA."},{"key":"ref_38","unstructured":"Who Can You Trust in the Cloud? A Review of Security Issues within Cloud Computing. Available online:http:\/\/www.drjeffdaniels.com\/1\/post\/2011\/10\/who-can-you-trust-in-the-cloud-a-review-of-security-issues-within-cloud-computing.html."},{"key":"ref_39","unstructured":"Mollet, N.G. (2011). Cloud Computing Security. [Bachelor of Engineering Degree Information Technology Thesis, Helsinki Metropolia University of Applied Sciences]."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Behl, A. (2011, January 11\u201314). Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation. Proceedings of the 2011 World Congress on Information and Communication Technologies (WICT), Mumbai, India.","DOI":"10.1109\/WICT.2011.6141247"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Mathisen, E. (June, January 31). Security challenges and solutions in cloud computing. Proceedings of the 2011 5th IEEE International Conference on Digital Ecosystems and Technologies Conference (DEST), Daejeon, Korea.","DOI":"10.1109\/DEST.2011.5936627"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Bhardwaj, A., and Kumar, V. (2011, January 22\u201324). Cloud security assessment and identity management. Proceedings of the 2011 14th International Conference on Computer and Information Technology (ICCIT), Dhaka, Bangladesh.","DOI":"10.1109\/ICCITechn.2011.6164819"},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Mahmood, Z. (2011, January 7\u20139). Data location and security issues in cloud computing. Proceedings of the 2011 International Conference on Emerging Intelligent Data and Web Technologies (EIDWT), Tirana, Albania.","DOI":"10.1109\/EIDWT.2011.16"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Gruschka, N., and Jensen, M. (2010, January 5\u201310). Attack surfaces: A taxonomy for attacks on cloud services. Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD), Miami, FL, USA.","DOI":"10.1109\/CLOUD.2010.23"},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1145\/1330555.1330556","article-title":"Comparison of the three CPU schedulers in Xen","volume":"35","author":"Cherkasova","year":"2007","journal-title":"ACM SIGMETERICS Perform. Eval. Rev."},{"key":"ref_46","unstructured":"Fu, W., and Li, X. (2011, January 9\u201311). The study on data security in cloud computing based on virtualization. Proceedings of the 2011 International Symposium on IT in Medicine and Education (ITME), Cuangzhou, China."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Kim, H., Lim, H., Jeong, J., Jo, H., and Lee, J. (2009, January March). Task-aware virtual machine scheduling for I\/O Performance. Proceedings of the 2009 ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments, Washington, DC.","DOI":"10.1145\/1508293.1508308"},{"key":"ref_48","unstructured":"Cherkasova, L., Gupta, D., and Vahdat, A. (2007). When virtual is harder than real: Resource allocation challenges in virtual machine based IT environments, Technical Report HPL-2007-25."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Karnwal, T., Sivakumar, T., and Aghila, G. (2012, January 1\u20132). A comber approach to protect cloud computing against XML DDoS and HTTP DDoS attack. Proceedings of the 2012 IEEE Students\u2019 Conference on Electrical, Electronics and Computer Science (SCEECS), Bhopal, India.","DOI":"10.1109\/SCEECS.2012.6184829"},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Liu, S.-T., and Chen, Y.-M. (2010, January 10\u201312). Retrospective detection of malware attacks by cloud computing. Proceedings of the 2010 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), Huangshan, China.","DOI":"10.1109\/CyberC.2010.99"},{"key":"ref_51","unstructured":"Oberheide, J., Cooke, E., and Jahanian, F. CloudAV: N-version antivirus in the network cloud. Proceedings of the 17th Conference on Security Symposium (SS \u201908)."},{"key":"ref_52","unstructured":"Martignoni, L., Paleari, R., and Bruschi, D. (2009, January 14\u201318). A framework for behavior-based malware analysis in the cloud. Proceedings of the 5th International Conference on Information Systems Security (ICISS \u201909), Kolkata, India."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"833","DOI":"10.1016\/j.future.2012.01.006","article-title":"A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing","volume":"28","author":"Khorshed","year":"2012","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_54","doi-asserted-by":"crossref","unstructured":"Aviram, A., Hu, S., Ford, B., and Gummadi, R. Determinating timing channels in compute clouds. Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop (CCSW \u201910).","DOI":"10.1145\/1866835.1866854"},{"key":"ref_55","doi-asserted-by":"crossref","unstructured":"Hlavacs, H., Treutner, T., Gelas, J., Lefevre, L., and Orgerie, A. (2011, January 12\u201314). Energy consumption side-channel attack at virtual machines in a cloud. Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC), Sydney, NSW, Australia.","DOI":"10.1109\/DASC.2011.110"},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Rocha, F., and Correia, M. (2011, January 27\u201330). Lucy in the sky without diamonds: Stealing confidential data in the cloud. Proceedings of the 2011 IEEE\/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSNW \u201911), Hong Kong, China.","DOI":"10.1109\/DSNW.2011.5958798"},{"key":"ref_57","doi-asserted-by":"crossref","unstructured":"Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. (2009, January 9\u201313). Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS \u201909), Chicago, IL, USA.","DOI":"10.1145\/1653662.1653687"},{"key":"ref_58","unstructured":"(Top Threats to Cloud Computing V1.0, 2010). Top Threats to Cloud Computing V1.0."},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1109\/MSP.2010.173","article-title":"Cloud computing roundtable","volume":"8","author":"Grosse","year":"2010","journal-title":"IEEE Secur. Priv."},{"key":"ref_60","doi-asserted-by":"crossref","unstructured":"Lin, W., and Lee, D. (2012, January 18\u201321). Traceback attacks in cloud\u2014Pebbletrace botnet. Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), Macau, China.","DOI":"10.1109\/ICDCSW.2012.61"},{"key":"ref_61","unstructured":"Kourai, K., Azumi, T., and Chiba, S. A self-protection mechanism against stepping-stone attacks for IaaS clouds. Proceedings of the UIC\/ATC."},{"key":"ref_62","doi-asserted-by":"crossref","unstructured":"Liu, B., Xu, E., Wang, J., Wei, Z., Xu, L., Zhao, B., and Su, J. (2011, January 12\u201314). Thwarting audio steganography attacks in cloud storage systems. Proceedings of the 2011 International Conference on Cloud and Service Computing (CSC), Hong Kong, China.","DOI":"10.1109\/CSC.2011.6138530"},{"key":"ref_63","doi-asserted-by":"crossref","unstructured":"Mazurczyk, W., and Szczypiorski, K. (2011, January 4\u20136). Is cloud computing steganography-proof?. Proceedings of the 2011 Third International Conference on Multimedia Information Networking and Security (MINES \u201911), Shanghai, China.","DOI":"10.1109\/MINES.2011.95"},{"key":"ref_64","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1109\/MC.2011.259","article-title":"Defending against web application vulnerabilities","volume":"45","author":"Antunes","year":"2012","journal-title":"Computer"},{"key":"ref_65","doi-asserted-by":"crossref","unstructured":"Parno, B., Lorch, J.R., Douceur, J.R., Mickens, J., and McCune, J.M. (2011, January 22\u201325). Memoir: Practical state continuity for protected modules. Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP \u201911), Oakland, CA, USA.","DOI":"10.1109\/SP.2011.38"},{"key":"ref_66","unstructured":"Zeus Bot Found Using Amazon\u2019s EC2 as C&C Server. Available online:http:\/\/www.theregister.co.uk\/2009\/12\/09\/amazon ec2 bot control channel\/."},{"key":"ref_67","unstructured":"Google Cloud Platform Used for Botnet Control. Available online:http:\/\/www.infosecurity-magazine.com\/view\/5115\/google-cloud-platform-used-for-botnet-control\/."},{"key":"ref_68","unstructured":"Raytheon UK Targeted in Cloud-Based Attack. Available online:http:\/\/www.zdnet.co.uk\/news\/security-threats\/2011\/10\/12\/raytheon-uk-targeted-in-cloud-based-attack-40094173\/."},{"key":"ref_69","unstructured":"Srivastava, A., and Giffin, J. (2008, January 15\u201317). Tamper-resistant, application-aware blocking of malicious network connections. Proceedings of the 11th International Symposium, RAID 2008, Cambridge, MA, USA."},{"key":"ref_70","doi-asserted-by":"crossref","unstructured":"Tupakula, U., Varadharajan, V., and Akku, N. (2011, January 12\u201314). Intrusion detection techniques for infrastructure as a service cloud. Proceedings of the 2011 IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing (DASC), Sydney, Australia.","DOI":"10.1109\/DASC.2011.128"},{"key":"ref_71","doi-asserted-by":"crossref","first-page":"437","DOI":"10.1145\/2189750.2151022","article-title":"Architectural support for hypervisor-secure virtualization","volume":"40","author":"Szefer","year":"2012","journal-title":"SIGARCH Comput. Arch. News"},{"key":"ref_72","doi-asserted-by":"crossref","unstructured":"Lo, C.-C., Huang, C.-C., and Ku, J. (2010, January 13\u201316). A cooperative intrusion detection system framework for cloud computing networks. Proceedings of the 2010 39th International Conference on Parallel Processing Workshops (ICPPW), San Diego, CA, USA.","DOI":"10.1109\/ICPPW.2010.46"},{"key":"ref_73","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/MITP.2009.89","article-title":"Intrusion detection for grid and cloud computing","volume":"12","author":"Vieira","year":"2010","journal-title":"IT Prof."},{"key":"ref_74","doi-asserted-by":"crossref","unstructured":"Wang, D., and Zhou, Z. (2010, January 22\u201323). Application of cloud model in intrusion detection. Proceedings of the 2010 2nd International Conference on e-Business and Information System Security (EBISS), Wuhan, China.","DOI":"10.1109\/EBISS.2010.5473507"},{"key":"ref_75","doi-asserted-by":"crossref","unstructured":"Van athi, R., and Gunasekaran, S. (2012, January 10\u201312). Comparison of network intrusion detection systems in cloud computing environment. Proceedings of the 2012 International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, India.","DOI":"10.1109\/ICCCI.2012.6158820"},{"key":"ref_76","doi-asserted-by":"crossref","unstructured":"Roschke, S., Cheng, F., and Meinel, C. (2009, January 12\u201314). Intrusion detection in the cloud. Proceedings of the Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, 2009 (DASC \u201909), Chengdu, China.","DOI":"10.1109\/DASC.2009.94"},{"key":"ref_77","unstructured":"Zargar, S.T., Takabi, H., and Joshi, J.B.D. (2011, January 15\u201318). DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. Proceedings of the 2011 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, FL, USA."},{"key":"ref_78","doi-asserted-by":"crossref","unstructured":"Dastjerdi, A.V., Bakar, K.A., and Tabatabaei, S.G.H. (2009, January 11\u201316). Distributed intrusion detection in clouds using mobile agents. Proceedings of the Third International Conference on Advanced Engineering Computing and Applications in Sciences, 2009 (ADVCOMP \u201909), Sliema, Malta.","DOI":"10.1109\/ADVCOMP.2009.34"},{"key":"ref_79","doi-asserted-by":"crossref","unstructured":"Ye, D., Bai, Q., Zhang, M., and Ye, Z. (2008, January 14\u201316). P2P distributed intrusion detections by using mobile agents. Proceedings of the Seventh IEEE\/ACIS International Conference on Computer and Information Science, 2008 (ICIS 08), Portland, OR, USA.","DOI":"10.1109\/ICIS.2008.21"},{"key":"ref_80","unstructured":"Kannadiga, P., and Zulkernine, M. (2005, January 23\u201325). DIDMA: A distributed intrusion detection system using mobile agents. Proceedings of the Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel\/Distributed Computing, and First ACIS International Workshop on Self-Assembling Wireless Networks."},{"key":"ref_81","doi-asserted-by":"crossref","unstructured":"Erdil, D.C. (2011, January 16\u201320). Dependable autonomic cloud computing with information proxies. Proceedings of the 2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum (IPDPSW), Shanghai, China.","DOI":"10.1109\/IPDPS.2011.305"},{"key":"ref_82","doi-asserted-by":"crossref","unstructured":"Doelitzscher, F., Reich, C., Knahl, M., and Clarke, N. (December, January 29). An autonomous agent based incident detection system for cloud environments. Proceedings of the 2011 IEEE Third International Conference on Cloud Computing Technology and Science (CloudCom), Athens, Greece.","DOI":"10.1109\/CloudCom.2011.35"},{"key":"ref_83","unstructured":"Balen, D., Westphall, C., and Westphall, C. (2011, January January). Experimental assessment of routing for grid and cloud. Proceedings of the Tenth International Conference on Networks (ICN 2011), St. Maarten, The Netherlands Antilles."},{"key":"ref_84","doi-asserted-by":"crossref","unstructured":"Sodhi, B., and Prabhakar, T.V. (2011, January 12\u201315). A cloud architecture using smart nodes. Proceedings of the 2011 IEEE Asia-Pacific Services Computing Conference (APSCC), Jeju Island, Korea.","DOI":"10.1109\/APSCC.2011.51"},{"key":"ref_85","doi-asserted-by":"crossref","unstructured":"Yazir, Y.O., Matthews, C., Farahbod, R., Neville, S., Guitouni, A., Ganti, S., and Coady, Y. (2010, January 5\u201310). Dynamic resource allocation in computing clouds using distributed multiple criteria decision analysis. Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD), Miami, FL, USA.","DOI":"10.1109\/CLOUD.2010.66"},{"key":"ref_86","unstructured":"Mareschal, B. (1987). Aide a la Decision Multicritere: Developpements Recents des Methodes PROMETHEE, Cahiers du Centre d\u2019Etudes en Recherche Operationelle."},{"key":"ref_87","doi-asserted-by":"crossref","unstructured":"Uchida, N., Takahata, K., and Shibata, Y. (2011, January 26\u201328). Proposal of overlay cloud computing system by virtual autonomous network configuration. Proceedings of the 2011 International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), Barcelona, Spain.","DOI":"10.1109\/3PGCIC.2011.56"},{"key":"ref_88","unstructured":"Bishop, M. (2002). Computer Security: Art and Science, Addison-Wesley Professional."},{"key":"ref_89","unstructured":"Leandro, M.A.P., Nascimento, T.J., dos Santos, D.R., Westphall, C.M., and Westphall, C.B. Multi-tenancy authorization system with federated identity for cloud-based environments using shibboleth. Proceedings of the Eleventh International Conference on Networks."},{"key":"ref_90","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1109\/TCE.2012.6170060","article-title":"Enhancing privacy and dynamic federation in IdM for consumer cloud computing","volume":"58","author":"Sanchez","year":"2012","journal-title":"IEEE Trans. Consum. Electron."},{"key":"ref_91","unstructured":"Revealed: Why Android Beats iPhone for Organized Crime. Available online:http:\/\/blogs.computerworld.com\/16392\/security_android_beats_iphone_for_crime."},{"key":"ref_92","unstructured":"(1989). Oxford English Dictionary, In Shibboleth."},{"key":"ref_93","doi-asserted-by":"crossref","unstructured":"Albeshri, A., and Caelli, W. (2010, January 1\u20133). Mutual protection in a cloud computing environment. Proceedings of the 2010 12th IEEE International Conference on the High Performance Computing and Communications (HPCC), Melbourne, VIC, Australia.","DOI":"10.1109\/HPCC.2010.87"},{"key":"ref_94","doi-asserted-by":"crossref","unstructured":"Angin, P., Bhargava, B., Ranchal, R., Singh, N., Linderman, M., Othmane, L.B., and Lilien, L. (November, January 31). An entity-centric approach for privacy and identity management in cloud computing. Proceedings of the 2010 29th IEEE Symposium on Reliable Distributed Systems, New Delhi, India.","DOI":"10.1109\/SRDS.2010.28"},{"key":"ref_95","doi-asserted-by":"crossref","unstructured":"Ates, M., Ravet, S., Ahmat, A.M., and Fayolle, J. (2011, January 22\u201326). An identity-centric internet: Identity in the cloud, identity as a service and other delights. Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security (ARES), Vienna, Austria.","DOI":"10.1109\/ARES.2011.85"},{"key":"ref_96","unstructured":"Kaspersky Security Bulletin. Statistics 2011. Available online:http:\/\/www.securelist.com\/en\/analysis\/204792216\/Kaspersky_Security_Bulletin_Statistics_2011."},{"key":"ref_97","doi-asserted-by":"crossref","unstructured":"You, P., Peng, Y., Liu, W., and Xue, S. (2012, January 18\u201321). Security issues and solutions in cloud computing. Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), Macau, China.","DOI":"10.1109\/ICDCSW.2012.20"},{"key":"ref_98","unstructured":"Bhadauria, R., Chaki, R., Chaki, N., and Sanyal, S. A Survey on Security Issues in Cloud Computing. Available online:http:\/\/arxiv.org\/abs\/1109.5388."},{"key":"ref_99","doi-asserted-by":"crossref","unstructured":"Kanday, R. (2012, January 14\u201315). A survey on cloud computing security. Proceedings of the 2012 International Conference on Computing Sciences (ICCS), Phagwara, India.","DOI":"10.1109\/ICCS.2012.6"},{"key":"ref_100","doi-asserted-by":"crossref","unstructured":"Zhou, M., Zhang, R., Xie, W., Qian, W., and Zhou, A. (2010, January 1\u20133). Security and privacy in cloud computing: A survey. Proceedings of the 2010 Sixth International Conference on Semantics Knowledge and Grid (SKG), Beijing, China.","DOI":"10.1109\/SKG.2010.19"},{"key":"ref_101","doi-asserted-by":"crossref","unstructured":"Abraham, A., Mauri, J.L., Buford, J.F., Suzuki, J., and Thampi, S.M. (2011). Advances in Computing and Communications, Springer Berlin Heidelberg. Communications in Computer and Information Science.","DOI":"10.1007\/978-3-642-22714-1"},{"key":"ref_102","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1109\/MIC.2012.14","article-title":"Security challenges for the public cloud","volume":"16","author":"Ren","year":"2012","journal-title":"IEEE Internet Comput."},{"key":"ref_103","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1016\/j.adhoc.2007.11.015","article-title":"Efficient wireless reprogramming through reduced bandwidth usage and opportunistic sleeping","volume":"Volume 7","author":"Panta","year":"2009","journal-title":"Ad Hoc Networks (an Elsevier Journal)"},{"key":"ref_104","unstructured":"Khalil, I. (\u2013, January December). MCC: Mitigating colluding collision attacks in wireless sensor networks. Proceedings of the IEEE Global Communications Conference (IEEE GLOBECOM\u201910), Miami, Florida, USA."},{"key":"ref_105","unstructured":"105.\thttp:\/\/blog.scalar.ca\/Blog\/bid\/87248\/Mitigating-common-cloud-computing-risks."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/3\/1\/1\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T21:07:55Z","timestamp":1760216875000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/3\/1\/1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,2,3]]},"references-count":105,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2014,3]]}},"alternative-id":["computers3010001"],"URL":"https:\/\/doi.org\/10.3390\/computers3010001","relation":{},"ISSN":["2073-431X"],"issn-type":[{"value":"2073-431X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,2,3]]}}}