Data Leak Prevention of Cloud-Based Products - Kahuna915/Capstone-Cloud-Integration GitHub Wiki
I have always been interested in the cloud and how it operates, but I am also intrigued by the security aspect of cloud-based services. By that, I mean: what exactly is being done to detect malicious or suspicious activity, and once it is detected, what is being done about it? I think I could design and implement monitoring within the cloud that looks for suspicious activity and, once it is alerted, changes the access rules to block any exfiltration. My main goal for the project is to make cloud servers more secure for people and less likely to have a data leak, as that has become more of a popular thing.
Objectives:
- Lots and lots of research
- Creating a cloud service using AWS or Azure
- Creating a monitoring system that looks through logs and determines if anything is suspicious.
- Once it finds suspicious activity, automatically change the access rules to block exfiltration for that particular connection.
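
A sketch of the last two objectives, added here as an example and not taken from the project's code: it reads records in the AWS VPC Flow Logs default (version 2) format, totals accepted outbound bytes per connection, and produces a deny rule for each connection over a limit. The VPC CIDR, the byte threshold, the sample records and the rule dictionary layout are all assumptions; applying the rule to a real network ACL or firewall is left to separate tooling.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records, AWS VPC Flow Logs default (version 2) field order:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
SAMPLE_FLOW_LOGS = """\
2 123456789012 eni-0a1b2c3d 10.0.1.15 203.0.113.50 49152 443 6 4000 450000000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.15 203.0.113.50 49153 443 6 5000 650000000 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.15 198.51.100.7 49200 443 6 20 18000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0e5f6a7b 10.0.2.30 10.0.1.15 50000 5432 6 9000 900000000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0e5f6a7b 10.0.2.30 192.0.2.99 50010 22 6 8000 2000000000 1700000000 1700000060 REJECT OK
2 123456789012 eni-0e5f6a7b - - - - - - - 1700000000 1700000060 - NODATA
"""

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/16")  # assumed VPC CIDR
THRESHOLD_BYTES = 1_000_000_000  # assumed egress limit per connection per window


def outbound_totals(log_text):
    """Sum accepted bytes per (internal source, external destination) pair."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        f = line.split()
        if len(f) != 14 or f[13] != "OK" or f[12] != "ACCEPT":
            continue  # skip malformed, NODATA/SKIPDATA and rejected flows
        src, dst = ipaddress.ip_address(f[3]), ipaddress.ip_address(f[4])
        if src in INTERNAL_NET and dst not in INTERNAL_NET:
            totals[(str(src), str(dst))] += int(f[9])
    return dict(totals)


def block_rules(totals, threshold=THRESHOLD_BYTES):
    """Return one deny-egress rule (hypothetical layout) per flagged connection."""
    return [
        {"action": "deny", "direction": "egress", "source": f"{src}/32",
         "destination": f"{dst}/32", "observed_bytes": n}
        for (src, dst), n in sorted(totals.items()) if n > threshold
    ]


if __name__ == "__main__":
    for rule in block_rules(outbound_totals(SAMPLE_FLOW_LOGS)):
        print(rule)
```

Only the connection that moved more than the limit to a single external address is flagged; internal traffic, rejected flows and NODATA records are ignored.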
Useful Links & Thoughts
- https://www.microsoft.com/en-us/research/publication/fighting-the-fog-of-war-automated-incident-detection-for-cloud-systems-2/
- https://www.ijert.org/cloud-based-malware-detection-system
- https://projectchampionz.com.ng/2018/05/04/management-system-cloud-computing/
- https://www.semanticscholar.org/paper/Automatic-Detection-Model-of-Malware-Signature-for-Wu-Zhang/df0e9f4eb4548199af1772d43d31bcff6cb91a68
- Google Cloud IDS