SaaS Security Solutions Through Soft Computing Techniques

Abstract

The Cloud prototype is growing extremely fast owing to its on-demand services. newlineSoftware-as-a Service (SaaS) is surrounded by the excellent and best ever rising field newlinein the epoch of Cloud computing. Companies are considering SaaS solutions which newlineprovide various advantages predominantly with decrease in cost and time. The major newlinefactor in the achievement of SaaS is based upon client s fulfilment. Security is found newlineas the major critical issue for SaaS in Cloud computing. SaaS in Cloud computing newlineprovides following benefits: efficient use of software licenses, modest tools, centralized newlinemanagement of data, multi-tenant solutions, minimal maintenance, easy upgrades and newlinescalability. newlineThe existing works on security in Cloud focuses on multi factor authentication, newlineverifying the access control, monitoring the data access, verifying the data deletion, newlinecontrolling the consumer access devices, security check events etc. However, these newlineservices are delayed and sometimes totally disrupted because of the Internet s newlineunavailability that provides opportunities for a lot of attacks. The range of intimidation newlinethat possibly attacks a network is considered as a hazardous. Worms, DoS or botnet newlineattacks are the subsets of threats that frequently occur in the networks. Further, there is newlinea need to implement a holistic solution for the model that allows malware prevention, newlinerisk assessment, malicious behaviour identification, data loss prevention and data newlineclassification. newlineImportant reasons for this gap could be due to the misconfigurations of Cloud services, newlinenot having an exit strategy; difficult to maintain noisy, voluminous and high newlinedimensionality data, increase in false positive percentage, lower attack detection rate, newlinepoor testing and training accuracy, less throughput which incurs in high delay. newlineInsufficient research exists; however, this research work is envisioned to fully newlineunderstand how attack detection, mitigation and risk assessment can be combined with newlinehybridised and enhanced soft computing techniques. newlineThis thesis has four contributio