International Journal of

ADVANCED AND APPLIED SCIENCES

EISSN: 2313-3724, Print ISSN: 2313-626X

Frequency: 12
line decor
  
line decor

 Volume 12, Issue 4 (April 2025), Pages: 79-87

----------------------------------------------

 Original Research Paper

A hybrid model for detecting and preventing attacks on cloud computing systems using blockchain technology

 Author(s): 

 Ali Aqarni *

 Affiliation(s):

 Department of Computer Science, College of Computing and Information Technology, University of Bisha, P.O. Box 67714, Bisha, Saudi Arabia

 Full text

  Full Text - PDF

 * Corresponding Author. 

  Corresponding author's ORCID profile: https://orcid.org/0009-0004-0830-8787

 Digital Object Identifier (DOI)

 https://doi.org/10.21833/ijaas.2025.04.010

 Abstract

Cloud computing is increasingly used for processing large volumes of data, particularly in businesses, but concerns about cloud security may hinder its broader adoption. Ensuring data confidentiality and protecting resources are critical aspects of cloud security. Numerous models, frameworks, techniques, and mechanisms have been proposed to detect and prevent attacks on cloud computing systems, mostly focusing on intrusion detection systems (IDSs) and intrusion prevention systems (IPSs). However, traditional IDSs and IPSs are inadequate for detecting and preventing various types of attacks on cloud systems. This study aims to review and analyze existing IDSs and IPSs for cloud computing systems and develop a novel model called the Hybrid Detecting and Preventing Model for Cloud Computing Systems (HDPMCC) using blockchain technology. Employing the design science method, the findings reveal that current IDSs and IPSs mainly address Distributed Denial-of-Service (DDOS) attacks. The proposed HDPMCC comprises five essential components: intrusion detection systems, behavioral analysis, blockchain technology, smart contracts, and privacy-enhancing technologies. Compared to existing IDSs and IPSs, HDPMCC offers a more effective approach for detecting and preventing attacks on cloud computing systems.

 © 2025 The Authors. Published by IASE.

 This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

 Keywords

 Cloud security, Intrusion detection, Intrusion prevention, Blockchain technology, Hybrid model

 Article history

 Received 31 October 2024, Received in revised form 28 March 2025, Accepted 17 April 2025

 Acknowledgment

The authors are thankful to the Deanship of Graduate Studies and Scientific Research at the University of Bisha for supporting this work through the Fast-Track Research Support Program.

 Compliance with ethical standards

 Conflict of interest: The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

 Citation:

 Aqarni A (2025). A hybrid model for detecting and preventing attacks on cloud computing systems using blockchain technology. International Journal of Advanced and Applied Sciences, 12(4): 79-87

 Permanent Link to this page

 Figures

 Fig. 1 Fig. 2

 Tables

 Table 1 Table 2 Table 3 Table 4

----------------------------------------------   

 References (35)

  1. Abd Razak S, Othman SH, Aldolah AA, and Ngadi MA (2016). Conceptual investigation process model for managing database forensic investigation knowledge. Research Journal of Applied Sciences, Engineering and Technology, 12(4): 386-394. https://doi.org/10.19026/rjaset.12.2377   [Google Scholar]
  2. Alam S, Shuaib M, and Samad A (2019). A collaborative study of intrusion detection and prevention techniques in cloud computing. In the International Conference on Innovative Computing and Communications: Proceedings of ICICC 2018, Springer Singapore, Delhi, India, 1: 231-240. https://doi.org/10.1007/978-981-13-2324-9_23   [Google Scholar]
  3. Al-Dhaqm AMR (2019). Simplified database forensic investigation using metamodeling approach. Faculty of Computing, Department of Computer Science, Universiti Teknologi Malaysia, Skudai, Malaysia.   [Google Scholar]
  4. Alhussan AA, Al-Dhaqm A, Yafooz WM, Razak SBA, Emara AHM, and Khafaga DS (2022). Towards development of a high abstract model for drone forensic domain. Electronics, 11(8): 1168. https://doi.org/10.3390/electronics11081168   [Google Scholar]
  5. Ali M, Benamrane F, Luong DK, Hu YF, Li JP, and Abdo K (2019). An AI based approach to secure SDN enabled future avionics communications network against DDoS attacks. In the IEEE/AIAA 38th Digital Avionics Systems Conference, IEEE, San Diego, USA: 1-7. https://doi.org/10.1109/DASC43569.2019.9081639   [Google Scholar]
  6. Aljuhani A (2021). Machine learning approaches for combating distributed denial of service attacks in modern networking environments. IEEE Access, 9: 42236-42264. https://doi.org/10.1109/ACCESS.2021.3062909   [Google Scholar]
  7. Alqahtani SM, Al Balushi M, and John R (2014). An intelligent intrusion prevention system for cloud computing (SIPSCC). In the International Conference on Computational Science and Computational Intelligence, IEEE, Las Vegas, USA, 2: 152-158. https://doi.org/10.1109/CSCI.2014.161   [Google Scholar]
  8. Alshammari A (2023). Detection and investigation model for the hard disk drive attacks using FTK imager. International Journal of Advanced Computer Science and Applications, 14(7): 767-774. https://doi.org/10.14569/IJACSA.2023.0140784   [Google Scholar]
  9. Ashoor AS and Gore S (2011). Difference between intrusion detection system (IDS) and intrusion prevention system (IPS). In the Advances in Network Security and Applications: 4th International Conference, Springer Berlin Heidelberg, Chennai, India, 4: 497-501. https://doi.org/10.1007/978-3-642-22540-6_48   [Google Scholar]
  10. Bahassi H, Edddermoug N, Mansour A, and Mohamed A (2022). Toward an exhaustive review on machine learning for cybersecurity. Procedia Computer Science, 203: 583-587. https://doi.org/10.1016/j.procs.2022.07.083   [Google Scholar]
  11. Bokhari MU, Alam S, and Hasan SH (2014). A detailed analysis of grain family of stream ciphers. International Journal of Computer Network and Information Security, 6(6): 34-40. https://doi.org/10.5815/ijcnis.2014.06.05   [Google Scholar]
  12. Charhi YB, Mannane N, Bendriss E, and Regragui B (2016). Intrusion detection in cloud computing based attacks patterns and risk assessment. In the 3rd International Conference on Systems of Collaboration, IEEE, Casablanca, Morocco: 1-4. https://doi.org/10.1109/SYSCO.2016.7831341   [Google Scholar]
  13. Ficco M (2013). Security event correlation approach for cloud computing. International Journal of High-Performance Computing and Networking 1, 7(3): 173-185. https://doi.org/10.1504/IJHPCN.2013.056525   [Google Scholar]
  14. Karaçay L, Savaş E, and Alptekin H (2020). Intrusion detection over encrypted network data. The Computer Journal, 63(1): 604-619. https://doi.org/10.1093/comjnl/bxz111   [Google Scholar]
  15. Kavitha V and Preetha S (2019). Cyber Security issues and challenges-A review. International Journal of Computer Science and Mobile Computing, 8(11): 1-6.   [Google Scholar]
  16. Kebande VR and Ray I (2016). A generic digital forensic investigation framework for internet of things (IoT). In the IEEE 4th International Conference on Future Internet of Things and Cloud, IEEE, Vienna, Austria: 356-362. https://doi.org/10.1109/FiCloud.2016.57   [Google Scholar]
  17. Kebande VR and Venter H (2016). Requirements for achieving digital forensic readiness in the cloud environment using an NMB solution. In the 11th International Conference on Cyber Warfare and Security, ACPI, Boston, USA: 399-406.   [Google Scholar]
  18. Kebande VR, Ikuesan RA, Karie NM, Alawadi S, Choo KK, and Al-Dhaqm A (2020). Quantifying the need for supervised machine learning in conducting live forensic analysis of emergent configurations (ECO) in IoT environments. Forensic Science International: Reports, 2: 100122. https://doi.org/10.1016/j.fsir.2020.100122   [Google Scholar]
  19. Khan AY, Latif R, Latif S, Tahir S, Batool G, and Saba T (2019). Malicious insider attack detection in IoTs using data analytics. IEEE Access, 8: 11743-11753. https://doi.org/10.1109/ACCESS.2019.2959047   [Google Scholar]
  20. Lewandowska N (2024). Intrusion detection systems: Categories, attack detection and response. https://doi.org/10.20944/preprints202402.0008.v1   [Google Scholar]
  21. Mankotia V, Sunkaria RK, and Gurung S (2023). AFA: Anti-flooding attack scheme against flooding attack in MANET. Wireless Personal Communications, 130(2): 1161-1190. https://doi.org/10.1007/s11277-023-10325-3   [Google Scholar]
  22. Nsabimana T, Bimenyimana CI, Odumuyiwa V, and Hounsou JT (2020). Detection and prevention of criminal attacks in cloud computing using a hybrid intrusion detection systems. In: Ahram T, Karwowski W, Vergnano A, Leali F, and Taiar R (Eds.), Intelligent human systems integration 2020. IHSI 2020. Advances in intelligent systems and computing, vol 1131. Springer, Cham, Switzerland. https://doi.org/10.1007/978-3-030-39512-4_103   [Google Scholar]
  23. Peffers K, Tuunanen T, Rothenberger MA, and Chatterjee S (2007). A design science research methodology for information systems research. Journal of Management Information Systems, 24(3): 45-77. https://doi.org/10.2753/MIS0742-1222240302   [Google Scholar]
  24. Rajamanickam S, Vollala S, Amin R, and Ramasubramanian N (2019). Insider attack protection: Lightweight password-based authentication techniques using ECC. IEEE Systems Journal, 14(2): 1972-1983. https://doi.org/10.1109/JSYST.2019.2933464   [Google Scholar]
  25. Rani S (2021). A perspective for intrusion detection and prevention in cloud environment. International Journal of Advanced Networking and Applications, 12(6): 4770-4775. https://doi.org/10.35444/IJANA.2021.12606   [Google Scholar]
  26. Saad EN, El Mahdi K, and Zbakh M (2012). Cloud computing architectures based IDS. In the IEEE International Conference on Complex Systems, IEEE, Agadir, Morocco: 1-6. https://doi.org/10.1109/ICoCS.2012.6458581   [Google Scholar] PMid:22383920 PMCid:PMC3279494
  27. Sahi A, Lai D, Li Y, and Diykh M (2017). An efficient DDoS TCP flood attack detection and prevention system in a cloud environment. IEEE Access, 5: 6036-6048. https://doi.org/10.1109/ACCESS.2017.2688460   [Google Scholar]
  28. Salas MIP (2024). Attack taxonomy methodology applied to web services. Latin-American Journal of Computing, 11(1): 66-79.   [Google Scholar]
  29. Saleh M, Othman SH, Driss M, Al-dhaqm A, Ali A, Yafooz WM, and Emara AHM (2023). A metamodeling approach for IoT forensic investigation. Electronics, 12(3): 524. https://doi.org/10.3390/electronics12030524   [Google Scholar]
  30. Saleh MA, Othman SH, Al-Dhaqm A, and Al-Khasawneh MA (2021). Common investigation process model for Internet of Things forensics. In the 2nd International Conference on Smart Computing and Electronic Enterprise, IEEE, Cameron Highlands, Malaysia: 84-89. https://doi.org/10.1109/ICSCEE50312.2021.9498045   [Google Scholar] PMid:34022883 PMCid:PMC8140497
  31. Salem M, Othman SH, Al-Dhaqm A, and Ali A (2023). Development of metamodel for information security risk management. In: Yafooz WM, Al-Aqrabi H, Al-Dhaqm A, and Emara A (Eds.), Kids cybersecurity using computational intelligence techniques: 243-253. Springer International Publishing, Cham, Switzerland. https://doi.org/10.1007/978-3-031-21199-7_17   [Google Scholar]
  32. Samad A, Shuaib M, and Beg MR (2017). Monitoring of military base station using flooding and ACO technique: An efficient approach. International Journal of Computer Network and Information Security, 9(12): 36-44. https://doi.org/10.5815/ijcnis.2017.12.05   [Google Scholar]
  33. Sharma S, Zavarsky P, and Butakov S (2020). Machine learning based intrusion detection system for web-based attacks. In the IEEE 6th Intl conference on big data security on cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, and IEEE Intl Conference on Intelligent Data and Security, IEEE, Baltimore, USA: 227-230. https://doi.org/10.1109/BigDataSecurity-HPSC-IDS49724.2020.00048   [Google Scholar]
  34. Singh A and Chatterjee K (2017). Cloud security issues and challenges: A survey. Journal of Network and Computer Applications, 79: 88-115. https://doi.org/10.1016/j.jnca.2016.11.027   [Google Scholar]
  35. Ullah F, Pun CM, Kaiwartya O, Sadiq AS, Lloret J, and Ali M (2023). HIDE-Healthcare IoT data trust management: Attribute centric intelligent privacy approach. Future Generation Computer Systems, 148: 326-341. https://doi.org/10.1016/j.future.2023.05.008   [Google Scholar]