Multi-Cloud Integration Security Framework Using Honeypots

Abstract

This rapidly changing digital world is always sensitive to improving security and resilience to protect the inhabitants of this ecosystem in terms of data, processes, repositories, communication, and functions. The transformation of this digital ecosystem is heavily dependent on cloud computing, as it is becoming the global platform for individuals, corporates, and even governments. Therefore, the concerns related to security are now linked closely with cloud computing. In this paper, a multi-cloud security framework takes a view on the development of security mechanisms to provide a diversion to the attacker. The purpose is to gain more time to analyze the attack and mitigate the intrusion without compromises. This mechanism is designed using the honeypot technology that has been around for some time but has not been used in cloud computing and other technologies. The proposed framework provides modules related to managing the multi-cloud platform, the intrusion detection and prevention system, and honeypots. The results show significant improvement in the accuracy of detecting attacks. These results are generated in a two-phase scenario, and the first phase has been analyzed without the engagement of the honeypot module presented in the framework. The second phase has been executed with same parameters and conditions by engaging the honeypot module. It includes a comparison taxonomy of both results and an in-depth study of existing honeypots, as well as critical design elements for current honeypot research and outstanding concerns for future honeypots in IoT, multi-cloud contexts.