Security Model using Intrusion Detection
System on Cloud Computing Security Management
Muhammad Agreindra Helmiawan
Department of Informatics Engineering
STMIK Sumedang
Sumedang, Indonesia
[email protected]
[email protected]
Yanyan Sofiyan
Department of Information System
STMIK Sumedang
Sumedang, Indonesia
[email protected]
[email protected]
2021 9th International Conference on Cyber and IT Service Management (CITSM) | 978-1-6654-3548-2/21/$31.00 ©2021 IEEE | DOI: 10.1109/CITSM52892.2021.9588810
Abstract—The use of Cloud Computing has advantages that
have the potential to be an extraordinary service in supporting
work procedures that can be carried out anywhere via the
internet. Through the internet, we can carry out activities
anywhere, but it will also cause other problems that will arise
because of access via the internet, one of which is from the
security side, system and security management on a computer
is very crucial for securing a lot of data on it. The purpose of
this research is to provide suggestions related to security
management in Cloud Computing, especially in the sectors of
Integrity, Authority, Privacy, and Confidentiality, also propose
the proposed Concepts and Recommendations which are
expected to improving security for Cloud Computing security
and detection intruders who break into cloud computing
systems using Intrusion Detection System and networks using
Intrusion Detection System methods. Further research can be
implemented and performed for improving security on cloud
computing.
Keywords—cloud computing, security, intrusion detection
system, security management
I. INTRODUCTION
Cloud Computing has the potential to be an extraordinary
service in supporting work procedures that can be carried out
anywhere via the internet [1]. This simple technology is
ideally used by organizations to run innovative business
models in organizations [2]–[4] that use information
technology (IT) in their work procedures and makes it easy
for users to move data and application to the cloud data
center. The Cloud Model has motivated organizations to
implement cloud computing for media center applications,
ranging from high computing-intensive applications to
lightweight services [5], [6]. Cloud Computing is included in
Strategic Planning, organizations, and companies in the
performance process because this model helps approve
Information Technology (IT) without initial investment in
infrastructure, software licensing, and other related
requirements [5]. At the same time, cloud computing has
become an option in managing important files and files to be
accessed wherever and whenever Multitenancy and
flexibility are the two fundamental qualities of the cloud
model that make it conceivable to expand the assets
proposed to offer types of assistance that can be utilized for
its clients. These characteristics form the main basis of
Integrity, privacy, authority, and confidentiality of the Cloud
Computing system [7]–[9]. Problems that arise in the cloud
Authorized licensed use limited to: Universitas Indonesia. Downloaded on November 09,2024 at 06:07:54 UTC from IEEE Xplore. Restrictions apply.
Irfan Fadil
Department of Information System
STMIK Sumedang
Sumedang, Indonesia
4th Esa Firmansyah
Department of Informatics Engineering
STMIK Sumedang
Sumedang, Indonesia
are related to storage on the cloud itself that opposes data,
data theft, violating the authority, and Accountable privacy-
preserving [10], [11] of the cloud system. In this case, the
cloud security architecture discusses the system being a
major concern in cloud computing.
More than the potential advantages that can be gotten
from the distributed computing model, this model despite
everything has many open model issues, the believability and
allure model. Locking, multitenancy and disconnection
merchants, information the board, administration versatility,
machine flexibility, Service Level Agreement (SLA) the
executives, and cloud security are open exploration issues
known in the distributed computing model, and security on
that is a significant worry [12] of the appropriation of the
distributed computing model in light of the fact that:
• Third-party companies that manage outsourcing
security
• Assets in the same location from different tenants
with different security standards.
• The level of guarantee that can change in SLA’s
between consumers and service providers.
Some cloud computing providers have views security
requires [8], [13], [14] many security licenses, security
resources, and is a problem that cannot be found at the
outset, especially authentication and security management
[15]. From this perspective, security in the cloud computing
model will influence consumers and find new security
solutions that solve the problem.
This paper analyzes security issues in cloud computing
and its strategy in securing user data according to the concept
and character of cloud computing. Data privacy and service
availability in cloud computing are the focus on security
issues. using only one security method cannot provide a
sense of security and comfort in its use. Solving cloud
computing security problems and many applied technologies
and specific strategies must be used together to protect the
cloud computing system completely. The proposed security
model in cloud computing and focuses on the security
infrastructure model, intrusion detection system (IDS) on
network, security management in cloud computing by
collecting some of the problems identified by design,
problems identified with the administration delivery model,
problems identified with the cloud, and problems identified
with cloud interests. This study also proposes a security
model in cloud computing in the form of an infrastructure
The 9th International Conference on Cyber and IT Service Management (CITSM 2021)
Bengkulu, September 22-23, 2021
design for security and a security management framework
aimed at securing cloud computing that focuses on
authentication and user data that resides in it.
II. LITERATURE REVIEW
Cloud Computing requires several methods
management in the transfer of data that is in the Cloud
A. Management and Access Control
Character the executives and access control are required
in the trustworthiness and secrecy of information and
administrations, a track record of the user's identity is needed
to avoid unauthorized access to stored data [16], [17]. Access
control of data owners in cloud computing and stored on
different platforms. Some organizations use many different
authentication authorizations. By utilizing an alternate
methodology, confirmation and approval give conditions that
are protected to a specific timeframe. Distributed computing
assets are dynamic and flexible for cloud clients and Internet
Protocol (IP) [18] delivers keep on changing when
administrations are begun or restarted in each utilization.
This allows users to enter and leave features to cloud
resources when they need an access policy on request. All of
these features require efficient and effective access control
and identity management. Cloud computing must maintain
identity management updates and management quickly for
the user activity [19]. There are numerous issues in get to
control and character the executives, for instance, feeble
certifications can be handily reworked, locking accounts
automatically for a certain period time [20], the ability to
keep track of activity and hold attacks on Extensible Markup
Language (XML) websites.
Threats that arise can occur from within caused by
employees, contractors, business partners of third parties [21]
of an organization. On the side of the Cloud Service Provider
(CSP), the attack causes loss of information, confidentiality,
and user security which results in loss information or a
breach in both environments. There are different examples of
assaults completed by insiders due to the dick get to gave by
the inner structure of the association's information
stockpiling. Most associations don't know about these
conditions, since it can't or is hard to locate the correct
answer for this assault.
Information security relies upon the framework supplier
to get total information security. In cloud condition,
specialist can just decide security settings distantly and are
not known precisely actualized. In this procedure, framework
suppliers must accomplish the objective of classification in
secure information move and access and review abilities. So
that outside interlopers can't get to delicate information put
away in the cloud.
B. Selective Access Data and User Privacy
In the selectivity of other users who access data owners,
regulations are needed that can limit the access rights and
privacy of data [22], [23]. This is necessary so that data
leakage does not occur due to the absence of authority or
data privacy that was leaked. In accessing data from outside,
reliable access, and valid authorization as a data protection
service are required. Access Control Lists (ACL) and Private
keys are needed in cloud computing data access, privacy, and
security monitoring.
Authorized licensed use limited to: Universitas Indonesia. Downloaded on November 09,2024 at 06:07:54 UTC from IEEE Xplore. Restrictions apply.
C. Security Strategies
In the security strategy, there are at least 5 things that
need to be considered, including Business Sustainability
Guarantee, Proactive Warning, Data Leakage Prevention,
Security Response, Security Incident Audit [24]. These five
and things become the main key in the sustainability of the
system and data security of cloud computing users so that
users can calmly and comfortably access data and be flexible
in making use of cloud computing systems anywhere and
anytime safely without any security holes that can be entered
by other parties and of course all activities on cloud
computing are monitored by the user himself.
Network security problems often arise that have an
impact on disruption to cloud computing, so monitoring and
authentication are needed for early detection that can catch
and interpret disturbances that arise in the network and cloud
computing. Network and server security uses a real-time
intruder detection monitoring system and integrates it with
an authentication system as a notification medium to
administrators and sees attack history and coercion in cloud
computing.
D. Intrusion Detection System
Implementing Intrusion Detection System (IDS) in cloud
computing [25], there are several procedures that are
implemented and configured so that IDS can work optimally
[26], [27]. Software requirements include a detection and
monitoring system in the event of an intrusion. In
implementing notification media in the authentication system
and integrating with the IDS system in cloud computing,
several configurations were made to send warning
notifications through the Application Programming Interface
(API) [28], [29] in accordance with the warning messages for
detection of attacks and misuse of data in cloud computing.
Thus, if the IDS system detects an attack, abuse or intrusion,
the notification and authentication system will send a real-
time warning notification via the API based on the intrusion
log.
III. RESULT AND DISCUSSION
The proposed concept of security and infrastructure for
Cloud Computing is made to emphasize the security data
layer stored in cloud computing. Data access and migration
are carried out through verification and authority that can be
known by the owner of the track record, as well as a warning
system that is responsive in restoring cloud computing if
something unexpected happens and protect data from cloud
computing system leaks.
In Figure 1, in the proposed architectural concept, there
are 6 important points of concern in this article, including
Warning System, Encryption, Encrypted/Indexed Data,
Backup and Recovery, Encryption & Decryption, Key
Encrypted Indexed. Alert System, this facility [24] is for
monitoring and notifying the activities carried out and
changes to the user, so that if there is a suspicious activity
and changes to user access, it will be immediately notified to
the user.
Security management has a system that manages security
planning that functions as long-term planning and prediction
of security conditions and situations in the future. This
security plan is related to risk management that overcomes
 The 9th International Conference on Cyber and IT Service Management (CITSM 2021)
and manages security risks that occur, Risk assessment also
has a role in knowing how well the security performance is
based on the status report which later the results of the risk
assessment become the basis for the security control manager
to categorize the security level in cloud computing. All
security history and assessments are stored in a security
repository which serves as a security index for security
enhancements. The IDS [25]–[27] system on authentication
control can detect attacks, intrusions and forced logins
against users, there will be notifications through monitoring
and provide real-time warnings and attack data can be seen
through logs equipped with an IDS monitoring system from
every access to cloud computing. With this proposed model,
security in cloud computing can be implemented and
improved so that data and user connections to cloud
computing are secure.
Fig. 1. Architectural Cloud Computing Security Proposed
Encryption, this facility is to encrypt the path of user
activity in accessing, creating, reading, changing and
deleting data. Encrypted / Indexed Data, every user activity
in managing data which includes creating, reading, changing
and deleting data, will be encrypted with the aim of securing
the data [10]. The data is made into an index, to facilitate
users in processing and accessing data.
Backup and Recovery, this facility aims to backup and
recover in case of a malfunction of the cloud system, backup
and recovery is also encrypted with the aim that if the data
backup leaks, it cannot be opened by other than the user.
Decryption here is provided with authentication that only the
data user has. As long as the user uses data, Backup recovery
and Encryption Decryption continue and function, this is
aimed at securing data during the data access process, so that
the risk of data theft cannot occur [12][30]. Key Encrypted
Indexed, archive and share data using keys as authentication
Authorized licensed use limited to: Universitas Indonesia. Downloaded on November 09,2024 at 06:07:54 UTC from IEEE Xplore. Restrictions apply.
Bengkulu, September 22-23, 2021
provided by users who have access rights to other users to
have access to the data.
Cloud Computing as an IT system interacts with the
internet. Users browse with web services and can access any
website, the service used when accessing the internet is an
Secure Shell (SSH) and File Transfer Protocol (FTP) port,
with this condition Cloud Computing has a high risk of
cybersecurity threats. Cloud Computing cybersecurity to
watch out for includes intrusions in Cloud Computing
systems that can be cracked by intruders and unauthorized
parties over cloud computing, Denial of Service (DDoS)
attacks and malicious malware [31], phishing threats that can
manipulate interfaces and steal identities in cloud computing.
Web Service also needs to be added security with risk
control models including Prevention, Protection, Detection,
and Response. Of the four phases used as protection of cloud
computing web services. Prevention that can be done can be
in the form of security policies, security policy reviews,
security assessments, and regular audits. Protection that can
be done can apply a Firewall, Web Application Firewall, and
Intrusion Protection System.
Fig. 2. Overview of cloud computing infrastructure
Responses that can be done include scanning regularly
and regularly, making repairs as soon as possible in the event
of a system or data leak, blocking internet protocol, and
suspected Uniform Resource Locator (URL). Detection can
be done by analyzing network traffic and reading the cloud
computing log system.
1. Business Sustainability Guarantee, the use of Cloud
Computing requires continuity in a long-time scale,
including countermeasures when unexpected things such
as disasters that cause damage to the infrastructure of
Cloud Computing that have an impact on the obstruction
of an organization's business processes. Recovery also
needs to be planned as a temporary migration measure to
support cloud computing with measurable recovery time.
2. Proactive Warning, real-time warnings are needed to alert
stakeholder organizations that use cloud computing.
Unauthorized users can enter cloud computing systems,
hosts, physical infrastructure, computer networks in
Cloud Computing. Therefore, monitoring cloud
computing systems is very necessary for the disruption
that can be resolved precisely and quickly.
3. Data Leakage Prevention, the most significant and
hazardous dangers are information spillage in distributed
The 9th International Conference on Cyber and IT Service Management (CITSM 2021)
Bengkulu, September 22-23, 2021
computing frameworks, two things that can conceivably
prompt static and dynamic spillage. Static spillage
implies that information put away in server farms,
application memory, and terminal memory is gotten to
and spilled by unapproved clients, while dynamic
spillage implies that information adjusted in the cloud
condition is gotten to and spilled by capturing client
records or tapping system channels. These two kinds of
spillage have normally gotten extraordinary consideration
and are paid attention to.
4. Security Responses, security incidents that occur in cloud
computing, there must be a notification to cloud
computing users. These emergencies must be overcome
by responding to incidents with recovery at the system,
infrastructure, cloud backup, and firewall levels. The
incident must already be in the cloud computing security
standard.
5. Security Incident Audit, to prevent security incidents that
have occurred, previous incidents are audited and studied
what can keep the cloud computing system running and
can be used by users.
Other security problems include resource allocation and
de-allocation related to virtual machines. Unexpected
leakage, for example in the memory log, can occur if the
memory allocated to the virtual machine is not deleted in
accordance with the procedure before it is reallocated to
another virtual machine. Other problems can occur with
communication, monitoring, modification, and migration of
virtual machines. With the characteristics of multi-tenant
cloud computing, if it is not fully correct in the isolation and
placement of virtual resources when used by users it will also
cause problems that occur in cloud computing systems.
IV. CONCLUSION
With the concept of architecture and infrastructure
created, it can be used as a reference in securing data in
cloud computing so that data leakage does not occur by
irresponsible parties. The core of this cloud computing
security includes security management and access control
that is done by using encryption in every user activity.
Selection of user access and privacy with a key and security
on the web service. Implementation of strategies insecurity is
also important in securing cloud computing by ensuring the
continuity of the cloud system, proactive warnings to users,
preventing data leakage by auditing the system regularly and
providing notifications before and after the incident, and
being responsive in responding to incidents and quickly
recovering them as well as right. Further research can be
implemented and performed for improving security on cloud
computing.
REFERENCES
[1] J. Dizdarević, F. Carpio, A. Jukan, and X. Masip-Bruin, “A survey of
communication protocols for internet of things and related challenges
of fog and cloud computing integration,” ACM Comput. Surv., vol.
51, no. 6, pp. 1–29, 2019.
[2] V. Sagan et al., Monitoring inland water quality using remote
sensing: potential and limitations of spectral indices, bio-optical
simulations, machine learning, and cloud computing, vol. 205. 2020.
[3] S. J. Putra, A. Subiyakto, I. Yunita, M. N. Gunawan, and Y.
Durachman, “Assessing the user satisfaction perspectives of
information system: A library case study in Indonesia,” Indones. J.
Electr. Eng. Comput. Sci., vol. 12, no. 1, pp. 95–101, 2018.
Authorized licensed use limited to: Universitas Indonesia. Downloaded on November 09,2024 at 06:07:54 UTC from IEEE Xplore. Restrictions apply.
[4] D. Yuniarto, M. Suryadi, E. Firmansyah, D. Herdiana, and A. B. A.
Rahman, “Integrating the Readiness and Usability Models for
Assessing the Information System Use,” in 2018 6th International
Conference on Cyber and IT Service Management (CITSM), 2018, pp.
1–6.
[5] F. Shimba, “Cloud computing: Strategies for cloud computing
adoption,” 2010.
[6] M. A. Helmiawan and I. Fadil, “PRIVATE CLOUD STORAGE IN
RURAL’S MANAGEMENT AND INFORMATION SYSTEM
USING ROADMAP FOR CLOUD COMPUTING ADOPTION
(ROCCA),” Intern. (Information Syst. Journal), vol. 2, no. 2, pp.
172–183, 2019.
[7] S. Sengupta, V. Kaulgud, and V. S. Sharma, “Cloud Computing
Security--Trends and Research Directions,” no. May 2014, pp. 524–
531, 2011.
[8] A. A. Che Fauzi, A. Noraziah, T. Herawan, and N. Mohd. Zin, “On
cloud computing security issues,” Lect. Notes Comput. Sci. (including
Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol.
7197 LNAI, no. PART 2, pp. 560–569, 2012.
[9] Y. Fauziah, “Tinjauan Keamanan Sistem Pada Teknologi Cloud
Computing,” J. Inform. Ahmad Dahlan, vol. 8, no. 1, 2014.
[10] H. Cheng, C. Rong, M. Qian, and W. Wang, “Accountable privacy-
preserving mechanism for cloud computing based on identity-based
encryption,” IEEE Access, vol. 6, pp. 37869–37882, 2018.
[11] S. Dewi, “Konsep Perlindungan Hukum Atas Privasi Dan Data
Pribadi Dikaitkan Dengan Penggunaan Cloud Computing Di
Indonesia,” DEMO 2 J., no. 94, 2016.
[12] W. Liu, “Research on cloud computing security problem and
strategy,” 2012 2nd Int. Conf. Consum. Electron. Commun. Networks,
CECNet 2012 - Proc., pp. 1216–1219, 2012.
[13] S. Carlin and K. Curran, “Cloud computing security,” Int. J. Ambient
Comput. Intell., vol. 3, no. 1, pp. 14–19, 2011.
[14] M. A. AlZain, E. Pardede, B. Soh, and J. A. Thom, “Cloud computing
security: From single to multi-clouds,” Proc. Annu. Hawaii Int. Conf.
Syst. Sci., pp. 5490–5499, 2012.
[15] M. Almorsy, J. Grundy, and A. S. Ibrahim, “Collaboration-based
cloud computing security management framework,” Proc. - 2011
IEEE 4th Int. Conf. Cloud Comput. CLOUD 2011, pp. 364–371,
2011.
[16] I. Ghafir, V. Prenosil, J. Svoboda, and M. Hammoudeh, “A survey on
network security monitoring systems,” in 2016 IEEE 4th
International Conference on Future Internet of Things and Cloud
Workshops (FiCloudW), 2016, pp. 77–82.
[17] M. A. Helmiawan, D. I. Juna, and B. Ramdhani, “Pengamanan Sistem
Dan Data E-Voting Berbasis Network,” Intern. (Information Syst.
Journal), vol. 1, no. 1, pp. 1–10, 2018.
[18] N. Sultana, N. Chilamkurti, W. Peng, and R. Alhadad, “Survey on
SDN based network intrusion detection system using machine
learning approaches,” Peer-to-Peer Netw. Appl., vol. 12, no. 2, pp.
493–501, 2019.
[19] N. Khan and A. Al-Yasiri, “Framework for cloud computing
adoption: A road map for Smes to cloud migration,” arXiv Prepr.
arXiv1601.01608, 2016.
[20] I. M. Khalil, A. Khreishah, and M. Azeem, “Cloud computing
security: A survey,” Computers, vol. 3, no. 1, pp. 1–35, 2014.
[21] G. Kulkarni, J. Gambhir, T. Patil, and A. Dongare, “A security
aspects in cloud computing,” ICSESS 2012 - Proc. 2012 IEEE 3rd Int.
Conf. Softw. Eng. Serv. Sci., no. June 2012, pp. 547–550, 2012.
[22] E. Firmansyah et al., “Examining readiness of e-learning
implementation using Aydin and Tasci model: A rural university case
study in Indonesia,” AIP Conf. Proc., vol. 2331, 2021.
[23] D. Yuniarto, M. Helmiawan, D. Junaedi, A. Saeppani, and Y.
Sopiyan, “Factors Affecting the Use of Information Systems in
Hybrid Models,” 2020.
[24] M. A. Helmiawan, E. Firmansyah, I. Fadil, Y. Sofivan, F. Mahardika,
and A. Guntara, “Analysis of Web Security Using Open Web
Application Security Project 10,” in 2020 8th International
Conference on Cyber and IT Service Management (CITSM), 2020, pp.
1–5.
[25] D. Avison, G. Fitzgerald, and P. Powell, “Private Cloud Storage in
Rural’S Management and Information System Using Roadmap for
 The 9th International Conference on Cyber and IT Service Management (CITSM 2021)
Bengkulu, September 22-23, 2021

Cloud Computing Adoption (Rocca),” Inf. Syst. J., vol. 17, no. 3, pp.
215–216, 2007.
[26] D. Ageyev, L. Kirichenko, T. Radivilova, M. Tawalbeh, and O.
Baranovskyi, “Method of self-similar load balancing in network
intrusion detection system,” 2018 28th Int. Conf. Radioelektronika,
RADIOELEKTRONIKA 2018, no. 2, pp. 1–4, 2018.
[27] O. Al-Jarrah and A. Arafat, “Network Intrusion Detection System
Using Neural Network Classification of Attack Behavior,” J. Adv. Inf.
Technol., vol. 6, no. 1, pp. 1–8, 2015.
[28] E. Hodo et al., “Threat analysis of IoT networks using artificial neural
network intrusion detection system,” 2016 Int. Symp. Networks,
Comput. Commun. ISNCC 2016, pp. 4–8, 2016.
[29] T. G. Nguyen, T. V Phan, B. T. Nguyen, C. So-In, Z. A. Baig, and S.
Sanguanpong, “Search: A collaborative and intelligent nids
architecture for sdn-based cloud iot networks,” IEEE access, vol. 7,
pp. 107678–107694, 2019.
[30] J. T. Mościcki and M. Lamanna, “Prototyping a file sharing and
synchronization service with Owncloud,” in Journal of Physics:
Conference Series, 2014, vol. 513, no. 4, p. 42034.
[31] A. Abdollahi and M. Fathi, “An Intrusion Detection System on Ping
of Death Attacks in IoT Networks,” Wirel. Pers. Commun., vol. 112,
no. 4, pp. 2057–2070, 2020.

Authorized licensed use limited to: Universitas Indonesia. Downloaded on November 09,2024 at 06:07:54 UTC from IEEE Xplore. Restrictions apply.