Identity Threat Detection: Techniques for Preventing Credential Abuse in Cloud Systems

Authors

  • Lalith Sriram Datla, Independent Researcher, USA

DOI:

https://doi.org/10.63282/3050-9246.IJETCSIT-V2I4P111

Keywords:

Identity Threat Detection, Credential Abuse, Cloud Security, Zero-Trust Access, IAM, MFA, Threat Analytics, Anomaly Detection, Privileged Escalation, Behavior Modeling, Insider Threats, Cloud Access Security Brokers (CASB), Credential Stuffing

Abstract

Identity-related threats have quickly become a common way for hackers to get into modern cloud systems. This is because people frequently reuse their credentials, phishing is common, access restrictions are weak, and businesses are leaving a bigger digital footprint. As cloud workloads grow and access becomes more distributed, attackers increasingly use stolen or compromised credentials to impersonate legitimate users, which makes traditional security measures much less effective. This study looks at how credential-based attacks are becoming more common, such as account takeovers, privilege escalation, session hijacking, API key exploitation, and lateral movement across cloud identities. It also stresses the need for adaptive, context-aware detection. We give a brief overview of the most advanced methods, such as behavioral analytics, continuous authentication, anomaly-based access monitoring, identity threat detection and response (ITDR), machine learning models for user behavior profiling, and role-based privilege baselining. Our research introduces a unified framework that combines signal correlation, identity-focused risk evaluation, and cloud-native telemetry analysis to detect credential misuse with greater accuracy and speed. A case study, which simulates a credential compromise in a multi-cloud context, shows how the proposed method can find small behavioral changes, like unusual login locations or strange API invocation patterns, well before major breaches happen. The paper ends with suggestions that businesses may use, such as making identity context part of cloud security operations, continually improving detection models with real-time data, and making sure that identity governance follows zero-trust principles. We see identity threat detection not just as a way to protect ourselves, but as a key way to keep cloud systems safe from the next generation of attacks that use credentials.

Published

2021-12-30

Issue

Section

Articles

How to Cite

1.
Datla LS. Identity Threat Detection: Techniques for Preventing Credential Abuse in Cloud Systems. IJETCSIT [Internet]. 2021 Dec. 30 [cited 2025 Dec. 15];2(4):95-104. Available from: https://ijetcsit.org/index.php/ijetcsit/article/view/498
