Cloud Computing Security Frameworks: Mitigating Phishing Attacks in Virtual Environments

By: Soo Nee Kee^1,2

¹Universiti Malaya, Kuala Lumpur, Malaysia.

²International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan Email: nee.kee2001.nks@gmail.com

Abstract

Cloud computing is widely used by many organizations and corporates in recent year due to its scalability, flexibility and cost-effectiveness. Cloud computing offers a range of services, including storage, servers and software, enabling organizations to use the resources on demand. It allows businesses to scale their IT infrastructure horizontally and vertically without the significant need of hardware investment. It brings a lot of convenient to human life by offering ease to use solutions. However, the security issues still the main concern of cloud computing, especially phishing attacks since the traditional security measurement is difficult to prevent phishing. Thus, a decentralized phishing blacklist approach is proposed to mitigate phishing attacks in cloud computing.

Keywords: Blockchain, Smart Contracts, Cloud Computing, Phishing

Introduction

Phishing is one of the common cybersecurity attacks, in which attackers persuade victims to open a fake URLs found in emails, messages or websites. The fake URLs can be worn to victims, as attacks can steal privacy information for unauthorized use, which lead to sensitive data leakage or financial loss. Thus, blockchain is implemented in the virtual environment to prevent phishing in cloud computing. Blockchain is a decentralized ledger that stores transaction records in a distributed manner, which means data is distributed across each node within a network. Therefore, stored data is difficult to modify, edit or delete, providing temper-resistant to the system and ensuring transparency and traceability. [1]

Proposed Framework

In this paper, a decentralized phishing blacklist approach is proposed by using blockchain, eliminating centralized storage and preventing single point failure. Blockchain is used to store all potential phishing URLs. Its temper-proof nature enhances the security since nobody can modify or delete the stored records on blockchain. In the cloud environment, there are several nodes spread across the network to perform analysis in order to detect phishing URLs. Once URLs are classified malicious, smart contracts will be triggered, logging the phishing URLs and its domain information on blockchain. The stored information consists phishing URL’s metadata such as timestamp, domain and URL. Those metadata will be stored in block and each block connects previous blocks via cryptographic chain, making it impossible to edit and any malicious changes on blockchain can be traced. [2] When new phishing URL is added, the system will propagate across the network to give alerts to all nodes, protecting them from phishing vulnerabilities. This phishing blacklist approach integrates with cloud to detect and prevent phishing attacks effectively, providing a safe place for all cloud users.

A diagram of a cloud computing system

Description automatically generated — Figure 1: Overview of Decentralized Phishing Blacklist System

Conclusion

In conclusion, building a decentralized phishing blacklist using blockchain can effectively prevent phishing attacks and enhance the security of cloud environment. All cloud users are able to view the entire blacklist in the blockchain, receiving real-time alerts about the phishing contents. The use of smart contracts helps automate the process of storing phishing contents on blockchain, providing a seamless and efficient way for updating and distributing the blacklist across the network. Furthermore, the tamper-resistant characteristic of blockchain not only strengthen the security of cloud computing, but also enhances the transparency and accountability of the cloud environment.

Reference

“Exploring the integration of edge computing and blockchain IoT: Principles, architectures, security, and applications – ScienceDirect.” Accessed: Oct. 04, 2024. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S1084804524000614
R. Karthika, C. Valliyammai, and M. Naveena, “Phish Block: A Blockchain Framework for Phish Detection in Cloud,” Jun. 2022, doi: 10.32604/csse.2023.024086.
Vajrobol, V., Gupta, B. B., & Gaurav, A. (2024). Mutual information based logistic regression for phishing URL detection. Cyber Security and Applications, 2, 100044.
Gupta, B. B., Gaurav, A., Panigrahi, P. K., & Arya, V. (2023). Analysis of cutting-edge technologies for enterprise information system and management. Enterprise Information Systems, 17(11), 2197406.
Gupta, B. B., Gaurav, A., & Panigrahi, P. K. (2023). Analysis of retail sector research evolution and trends during COVID-19. Technological Forecasting and Social Change, 194, 122671.

Cite As

Kee S.N. (2024) Cloud Computing Security Frameworks: Mitigating Phishing Attacks in Virtual Environments, Insights2Techinfo, pp.1

794300cookie-checkCloud Computing Security Frameworks: Mitigating Phishing Attacks in Virtual Environments

Post Views: 38

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cloud Computing Security Frameworks: Mitigating Phishing Attacks in Virtual Environments

Conclusion

Reference

Cite As

Leave a Reply Cancel reply

Detecting and Preventing Phishing Attacks in IoT-Based Smart Healthcare Systems

Data-Driven Insights into Rare Disease Diagnosis and Treatment with AI

Genetic Algorithms and Data Analytics for Cybersecurity in Phishing and Blockchain Systems

Machine Learning in Biometric Security Systems

The Role of AI and Machine Learning in Cloud Storage

How AI is Revolutionizing Cyber Forensics

Blockchain-Enabled Security: Revolutionizing Data Protection

Deep Learning in Cybersecurity: From Prediction to Prevention

Harnessing Machine Learning for Advanced Cyber Threat Detection

AI-Driven Security: Revolutionizing Cyber Protection in a Hyper-Connected World

From Data to Defense: Machine Learning’s Role in Modern Cybersecurity