Cloud Security

(logo)

Overview

With all their economical advantages, the shared, large-scale cloud infrastructure introduces new security threats, and also amplifies well-known security risks. This project is focused on designing techniques to protecting cloud users against emerging threats experienced by public clouds. Currently, we are building a monitoring infrastructure for the Massachusetts Open Cloud (MOC) in collaboration with researchers from Boston University. We instrument all cloud layers including physical, virtual, cloud management and network and design a flexible architecture that carefully calibrates the tension between transparency and privacy risks imposed on cloud users. We plan to apply machine learning techniques to profile legitimate activities and detect a wide range of attacks against the cloud such as data leakage, account compromise and abuse of cloud services.

Publications

    Conferences

    MOSAIC: A Platform for Monitoring and Anomaly Detection in Cloud Computing Alina Oprea, Ata Turk, Cristina Nita-Rotaru and Orran Krieger. The First IEEE Cybersecurity Development Conference (SecDev). Short paper. [PDF]
    New Approaches to Security and Availability for Cloud Data Ari Juels and Alina Oprea In Communications of the ACM (CACM) volume 56, issue 2, 2013 [PDF]
    Iris: A Scalable Cloud File System with Efficient Integrity Checks Emil Stefanov, Marten van Dijk, Alina Oprea, and Ari Juels In Proceedings of Annual Computer Security Applications Conference (ACSAC), 2013 PDF]
    Hourglass Schemes: How to Prove that Cloud Files Are Encrypted Marten van Dijk, Ari Juels, Alina Oprea, Ronald L. Rivest, Emil Stefanov, and Nikos Triandopoulos In Proceedings of ACM Conference on Computer and Communications Security (CCS), 2012 PDF]
    How to Tell if Your Cloud Files Are Vulnerable to Drive Crashes Kevin D. Bowers, Marten van Dijk, Ari Juels, Alina Oprea, and Ronald L. Rivest In Proceedings of ACM Conference on Computer and Communications Security (CCS), 2011 PDF]
    HomeAlone: Co-Residency Detection in the Cloud via Side-Channel Analysis Yinqian Zhang, Ari Juels, Alina Oprea, and Michael K. Reiter In Proceedings of IEEE Symposium on Security and Privacy (Oakland), 2011 PDF]
    HAIL: A High-Availability and Integrity Layer for Cloud Storage Kevin D. Bowers, Ari Juels, and Alina Oprea In Proceedings of ACM Conference on Computer and Communications Security (CCS), 2009 PDF]
    Proofs of Retrievability: Theory and Implementation Kevin D. Bowers, Ari Juels, and Alina Oprea In Proceedings of ACM Cloud Computing Security Workshop (CCSW), 2009 PDF]

    Presentations

    Analytics-Based Security Service for the MOC
    Massachusetts Open Cloud Annual Workshop, Boston University, November 2015
    Protecting Cloud Infrastructures against Modern Attacks
    Secure Cloud Computing and Storage Workshop, Boston University, May 2015
    GREPSEC workshop for women in computer security research, May 2015
    New Approaches for Securing Cloud Data
    Zurich Information Security Center (ZISC) Workshop, ETH Zurich, June 2012
    CDSP research workshop at Northeastern University, April 2012
    MIT security seminar, April 2012
    HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis
    MIT security seminar, March 2011
    HAIL: A High Availability and Integrity Layer for Cloud Storage
    Guest lecture at cloud computing course at MIT, March 2011
    Microsoft Research Redmond Cryptography Colloquium, December 2009
    Crypto in the Clouds Workshop, MIT, August 2009

Students

  • Gen Ohta, undergraduate student, Northeastern University

Collaborators

  • Orran Krieger, Boston University
  • Ata Turk, Boston University

Funding

TBD