Continuous User Verification in Cloud Storage Services using Deep Learning

Authors

  • burhan albayati University of Diyala

DOI:

https://doi.org/10.24237/ASJ.03.01.950A

Abstract

Cloud storage services have become a new paradigm for storing data user over the Internet. Users can access these services using a simple authentication login. This has led to increased potential attacks and misusing vital customer information. The behavior profiling technique has been successfully investigated as an additional intelligent security measure for continuous verification users after the simple login. A credible accuracy has been achieved when applying the method in a variety of applications such as telecommunication, credit card, and cloud services to detect and monitor misuse. To increase the accuracy of making a reliable decision, this paper proposes to combine two private datasets which are real-life user interactions with the desktop computer and Dropbox Cloud storage. The best experimental result achieved an EER of 3.6% based on applying a deep learning algorithm (CNN). This result indicates and encourages the feasibility of using behavioral profiling to protect cloud users from misuse.

References

Statistics, Amazing Cloud Adoption. "Cloud migration, computing, and more

[Electronic resource]." Access mode: https://www. zippia. com/advice/cloudadoptionstatistics

Dropbox. (2024). Dropbox Statistics (2024). Available:

https://www.skillademia.com/statistics/dropbox-statistics

C. Alliance, The Treacherous Twelve-Cloud Computing Top Threats in 2016, ed,

(2016)

D. Chen, H. Zhao, Data security and privacy protection issues in cloud computing, In:

international conference on computer science and electronics engineering, 1,

-651(2012), IEEE,DOI(https://doi.org/10.1109/ICCSEE.2012.193)

B. Al-Bayati, N. Clarke, P. Dowland, F. Li, Continuous identity verification in cloud

storage services using behavioural profiling, In: 17th European Conference on Cyber

Warfare and Security, 1-10(2018), Academic Conferences and Publishing

International Limited.

Gupta, Udit, Survey on security issues in file management in cloud computing

environment, arXiv preprint arXiv:1505.00729, (2015),

DOI(https://doi.org/10.5120/21224-3948)

D. J. T. G. Yadron, Hacker collects 272 m email addresses and passwords, some from

Gmail| Technology| The Guardian, (2016)

G. A. Pimenta Rodrigues, Understanding Data Breach from a Global Perspective:

Incident Visualization and Data Protection Law Review, 9(2), 27(2024),

DOI(https://doi.org/10.3390/data9020027)

N. Lee, Cyberattacks, Prevention, and Countermeasures, In: Counterterrorism and

Cybersecurity: Total Information Awareness: Springer, 295-342(2024),

DOI(https://doi.org/10.1007/978-3-031-63126-9_10)

J. Hall, M. Barbeau, E. Kranakis, Anomaly-based intrusion detection using mobility

profiles of public transportation users, In: WiMob'2005), IEEE International

Conference on Wireless And Mobile Computing, Networking And Communications,

, 2, 17-24(2005),DOI(https://doi.org/10.1109/WIMOB.2005.1512845)

C. S. Hilas, S. A. Kazarlis, I. T. Rekanos, P. A. Mastorocostas, A genetic

programming approach to telecommunications fraud detection and classification, In:

Proc. 2014 Int. Conf. Circuits, Syst. Signal Process. `Commun. Comput, 77-83(2014)

F. J. J. o. S. Ogwueleka, Technology, Fraud detection in mobile communications

networks using user profiling and classification techniques, 29(3), (2009),

DOI(https://doi.org/10.4314/just.v29i3.50052)

S. QAYYUN, S. MANSOOR, A. KHALID, Fraudulent Call Detection for Mobile

Networks [C], In: Proceedings of 2010 International Conference on Information and

Emerging Technologies (ICIET): June, 14-16(2010),

DOI(https://doi.org/10.1109/ICIET.2010.5625718)

S. Yazji, R. P. Dick, P. Scheuermann, G. Trajcevski, Protecting private data on mobile

systems based on spatio–temporal analysis, In: International Conference on Pervasive

and Embedded Computing and Communication Systems, 2, 114-123(2011)

S. Yazji, P. Scheuermann, R. P. Dick, G. Trajcevski, R. J. P. Jin, U. Computing,

Efficient location aware intrusion detection to protect mobile devices, 18, 143-

(2014),DOI(https://doi.org/10.1007/s00779-012-0628-9)

S. Subudhi, S. J. P. C. S. Panigrahi, Quarter-sphere support vector machine for fraud

detection in mobile telecommunication networks, 48, 353-359(2015),

DOI(https://doi.org/10.1016/j.procs.2015.04.193)

S. Yazji, X. Chen, R. P. Dick, P. Scheuermann, Implicit user re-authentication for

mobile devices, In: International Conference on Ubiquitous Intelligence and

Computing, 325-339(2009),DOI(https://doi.org/10.1007/978-3-642-02830-4_25)

E. Shi, Y. Niu, M. Jakobsson, R. Chow, Implicit authentication through learning user

behavior, In: Information Security: 13th International Conference, ISC 2010, Boca

Raton, FL, USA, October 25-28, 2010, Revised Selected Papers 13, 99-113(2011),

DOI(https://doi.org/10.1007/978-3-642-18178-8_9)

D. Damopoulos, Evaluation of anomaly‐based IDS for mobile devices using machine

learning classifiers, 5(1), 3-14(2012), DOI(https://doi.org/10.1002/sec.341)

F. Li, N. Clarke, M. Papadaki, P. J. I. j. o. i. s. Dowland, Active authentication for

mobile devices utilising behaviour profiling, vol. 13, 229-244(2014),

DOI(https://doi.org/10.1007/s10207-013-0209-6)

L. Fridman, S. Weber, R. Greenstadt, M. J. I. S. J. Kam, Active authentication on

mobile devices via stylometry, application usage, web browsing, and GPS location,

(2), 513-521(2016),DOI(https://doi.org/10.1109/JSYST.2015.2472579)

Ö. D. Incel, DAKOTA: Sensor and touch screen-based continuous authentication on a

mobile banking application, 9, 38943-38960(2021),

DOI(https://doi.org/10.1109/ACCESS.2021.3063424)

V. Gattulli, D. Impedovo, G. Pirlo, F. J. S. R. Volpe, Touch events and human

activities for continuous authentication via smartphone, 13(1), 10515(2023),

DOI(https://doi.org/10.1038/s41598-023-36780-3)

M. B. Salem, S. J. Stolfo, Modeling user search behavior for masquerade detection, In:

International workshop on recent advances in intrusion detection, 181-200(2011),

DOI( https://doi.org/10.1007/978-3-642-23644-0_10)

M. Abramson, D. Aha, User authentication from web browsing behavior, In: The

Twenty-Sixth International FLAIRS Conference, (2013)

D. S. David, Cloud Security Service for Identifying Unauthorized User Behaviour,

(2), (2022),DOI(10.32604/cmc.2022.020213)

L. K. Vashishtha, A. P. Singh, K. J. W. P. C. Chatterjee, HIDM: A hybrid intrusion

detection model for cloud based systems, 128(4), 2637-2666(2023)

A. Gupta, R. Simon, Enhancing Security in Cloud Computing With Anomaly

Detection Using Random Forest, In: 2024 11th International Conference on

Reliability, Infocom Technologies and Optimization (Trends and Future

Directions)(ICRITO), 1-6(2024), IEEE,

DOI(https://doi.org/10.1109/ICRITO61523.2024.10522227)

J. Sola, J. J. I. T. o. n. s. Sevilla, Importance of input data normalization for the

application of neural networks to complex industrial problems, 44(3), 1464-

(1997)

Downloads

Published

2025-01-01

How to Cite

albayati, burhan. (2025). Continuous User Verification in Cloud Storage Services using Deep Learning. Academic Science Journal, 3(1), 33–50. https://doi.org/10.24237/ASJ.03.01.950A

Issue

Vol. 3 No. 1 (2025)

Section

Articles

License

Copyright (c) 2025 CC BY 4.0

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.