A Multi-Tenant Cloud Security Framework Using Zero-Trust Architecture and AI-Based Anomaly Detection
DOI:
https://doi.org/10.63282/3117-5481/AIJCST-V6I4P101Keywords:
Zero-Trust Architecture, Multi-Tenant Cloud Security, AI-Based Anomaly Detection, Deep Learning, Threat Response Automation, Cloud ComputingAbstract
The concept of cloud computing has revolutionized information processing across the world due to the services that are elastic, scalable and cost effective. Nevertheless, multi-tenancy brings in critical risks, such as, unauthorized lateral movement, data leakage by tenants, insider threats, privileged escalation and advanced cyberattacks. Existing perimeter security models fail to perform properly in dynamic, distributed and cloud environments, in which there is no clearly defined trust boundaries. In this paper, I suggest a Multi-Tenant Cloud Security Framework (MTCSF), which integrates Zero-Trust Architecture (ZTA) and AI-Based Anomaly Detection to develop an active and adaptable defense system. The framework provides the continuity of authentication, the regulation of least-privilege access, micro-segmentation, and encryption of the lifecycle data. An anomaly detection engine is a hybrid AI-based system of supervised deep learning and unsupervised clustering that determines the anomalies (insider abuses or anomalous patterns of resource access) in real time. The system will also utilize a Security Orchestration, Automation, and Response (SOAR) layer that will automatically start mitigation actions. The simulated multi-tenant cloud testbed with benchmark datasets (NSL-KDD and CIC-IDS 2021) of simulated threat scenarios such as DDoS, privilege abuse, and malicious file transfer were experimented. Findings indicate better detection and were lower than false positives with the existing cloud security systems. The most important key performance indicators are a detection rate of 98.21 percent, a false-positive rate of 1.79 percent, a shorter switching time to threat responses, and low latency overhead (less than 3 ms). The suggested MTCSF fulfills architectural and operational security vulnerabilities. The contributions involve: (1) a Multi-tenant access control Zero-trust enforcement model, (2) a hybrid AI abnormality detector to be incorporated into security processes, Detection and isolation of threats tailored to the homes occupied by tenants. This study has shown that trust-agnostic and intelligent control are beneficial to improve confidentiality, integrity, and availability of multi-tenant clouds and to satisfy regulatory compliance and tenant isolation needs. Optimized model scalability and increased cross-cloud sharing of threat intelligence will be optimized in future work
References
[1] Alsaeedi, M., Al-Momani, A., & Govardhan, A. (2021). Security challenges in multi-tenant cloud computing environments: A survey. Journal of Cloud Computing, 10(1), 1-17.
[2] Subashini, S., & Kavitha, V. (2020). Cloud security issues and challenges: A survey. International Journal of Computer Applications, 975, 8887.
[3] Alharkan, I., & Youssef, M. (2022). Enhancing tenant isolation using software-defined segmentation in cloud platforms. Future Generation Computer Systems, 128, 373-384.
[4] Mothukuri, V., et al. (2021). Security and privacy of multi-cloud-based edge computing: A survey. IEEE Communications Surveys & Tutorials, 23(2), 1412-1450.
[5] Rose, S., et al. (2020). Zero Trust Architecture. NIST Special Publication 800-207.
[6] Chen, T., & Xiang, Y. (2022). Challenges in enforcing Zero-Trust in distributed cloud-native microservices. IEEE Access, 10, 45380-45394.
[7] Kaloudi, N., & Li, J. (2021). Integration issues of Zero-Trust with legacy IAM systems. Computers & Security, 105, 102259.
[8] Alharthi, R., et al. (2023). Performance overhead analysis of Zero-Trust authentication in latency-sensitive workloads. Journal of Network and Computer Applications, 216, 103658.
[9] Satish, P., & Syed, A. (2021). LSTM-based intrusion detection for cloud networks. International Journal of Information Security Science, 10(4), 198-207.
[10] Kumar, A., & Kaur, J. (2022). Hybrid K-Means + SVM model for cloud anomaly detection. Applied Intelligence, 52(6), 6210-6225.
[11] Rahman, M. M., et al. (2023). Blockchain-assisted access control for secure multi-tenant computing. IEEE Transactions on Cloud Computing, 11(3), 1504-1517.
[12] Priya, M., & Jeyanthi, N. (2021). Deep learning-enhanced IDS for virtualized environments. Journal of Information Security and Applications, 58, 102711.
[13] Wang, Y., et al. (2022). Scalability limitations of ML-based IDS in large cloud infrastructures. Computers & Electrical Engineering, 100, 107938.
[14] Hussain, F., et al. (2023). AI for Zero-Trust automation in the cloud: A survey. IEEE Internet of Things Journal, 10(4), 3501-3518.
[15] Mohanarajesh Kommineni. Revanth Parvathi. (2013) Risk Analysis for Exploring the Opportunities in Cloud Outsourcing.
[16] Designing LTE-Based Network Infrastructure for Healthcare IoT Application - Varinder Kumar Sharma - IJAIDR Volume 10, Issue 2, July-December 2019. DOI 10.71097/IJAIDR.v10.i2.1540
[17] Thallam, N. S. T. (2020). Comparative Analysis of Data Warehousing Solutions: AWS Redshift vs. Snowflake vs. Google BigQuery. European Journal of Advances in Engineering and Technology, 7(12), 133-141.
[18] Kanji, R. K. (2020). Federated Learning in Big Data Analytics Privacy and Decentralized Model Training. Journal of Scientific and Engineering Research, 7(3), 343-352.
[19] The Role of Zero-Emission Telecom Infrastructure in Sustainable Network Modernization - Varinder Kumar Sharma - IJFMR Volume 2, Issue 5, September-October 2020. https://doi.org/10.36948/ijfmr.2020.v02i05.54991
[20] Aragani, Venu Madhav and Maroju, Praveen Kumar and Mudunuri, Lakshmi Narasimha Raju, Efficient Distributed Training through Gradient Compression with Sparsification and Quantization Techniques (September 29, 2021). Available at SSRN: https://ssrn.com/abstract=5022841 or http://dx.doi.org/10.2139/ssrn.5022841
[21] P. K. Maroju, "Empowering Data-Driven Decision Making: The Role of Self-Service Analytics and Data Analysts in Modern Organization Strategies," International Journal of Innovations in Applied Science and Engineering (IJIASE), vol. 7, Aug. 2021.
[22] Lakshmi Narasimha Raju Mudunuri, “AI Powered Supplier Selection: Finding the Perfect Fit in Supply Chain Management”, IJIASE, January-December 2021, Vol 7; 211-231.
[23] Kommineni, M. "Explore Knowledge Representation, Reasoning, and Planning Techniques for Building Robust and Efficient Intelligent Systems." International Journal of Inventions in Engineering & Science Technology 7.2 (2021): 105- 114.
[24] Thallam, N. S. T. (2021). Privacy-Preserving Data Analytics in the Cloud: Leveraging Homomorphic Encryption for Big Data Security. Journal of Scientific and Engineering Research, 8(12), 331-337.
[25] Kanji, R. K. (2021). Federated data governance framework for ensuring quality-assured data sharing and integration in hybrid cloud-based data warehouse ecosystems through advanced ETL/ELT techniques. International Journal of Computer Techniques, 8(3), 1-9.
[26] Reinforcement Learning Applications in Self Organizing Networks - Varinder Kumar Sharma - IJIRCT Volume 7 Issue 1, January-2021. DOI: https://doi.org/10.5281/zenodo.17062920
[27] Thirunagalingam, A. (2022). Enhancing Data Governance Through Explainable AI: Bridging Transparency and Automation. Available at SSRN 5047713.
[28] P. K. Maroju, "Conversational AI for Personalized Financial Advice in the BFSI Sector," International Journal of Innovations in Applied Sciences and Engineering, vol. 8, no.2, pp. 156–177, Nov. 2022.
[29] Kulasekhara Reddy Kotte. 2022. ACCOUNTS PAYABLE AND SUPPLIER RELATIONSHIPS: OPTIMIZING PAYMENT CYCLES TO ENHANCE VENDOR PARTNERSHIPS. International Journal of Advances in Engineering Research , 24(6), PP – 14-24, https://www.ijaer.com/admin/upload/02%20Kulasekhara%20Reddy%20Kotte%2001468.pdf
[30] Gopi Chand Vegineni. 2022. Intelligent UI Designs for State Government Applications: Fostering Inclusion without AI and ML, Journal of Advances in Developmental Research, 13(1), PP – 1-13, https://www.ijaidr.com/research-paper.php?id=1454
[31] Hullurappa, M. (2022). The Role of Explainable AI in Building Public Trust: A Study of AI-Driven Public Policy Decisions. International Transactions in Artificial Intelligence, 6.
[32] Mohanarajesh Kommineni. (2022/11/28). Investigating High-Performance Computing Techniques For Optimizing And Accelerating Ai Algorithms Using Quantum Computing And Specialized Hardware. International Journal Of Innovations In Scientific Engineering. 16. 66-80. (Ijise) 2022.
[33] Naga Surya Teja Thallam. (2022). Enhancing Security in Distributed Systems Using Bastion Hosts, NAT Gateways, and Network ACLs. International Scientific Journal of Engineering and Management, 1(1).
[34] Thallam, N. S. T. (2022). Columnar Storage vs. Row-Based Storage: Performance Considerations for Data Warehousing. Journal of Scientific and Engineering Research, 9(4), 238-249.
[35] Garg, A. (2022). Unified Framework of Blockchain and AI for Business Intelligence in Modern Banking . International Journal of Emerging Research in Engineering and Technology, 3(4), 32-42. https://doi.org/10.63282/3050-922X.IJERET-V3I4P105
[36] Kanji, R. K. (2022). A Unified Data Warehouse Architecture for Multi-Source Forest Inventory Integration and Automated Remote Sensing Analysis. Sarcouncil Journal of Engineering and Computer Sciences, 1, 10-16.
[37] Performance Evaluation of Network Slicing in 5G Core Networks - Varinder Kumar Sharma - IJMRGE 2022; 3(5): 648-654. DOI: https://doi.org/10.54660/.IJMRGE.2022.3.5.648-654 Thirunagalingam, A. (2023). Improving Automated Data Annotation with Self-Supervised Learning: A Pathway to Robust AI Models Vol. 7, No. 7,(2023) ITAI. International Transactions in Artificial Intelligence, 7(7).
[38] Praveen Kumar Maroju, "Optimizing Mortgage Loan Processing in Capital Markets: A Machine Learning Approach, " International Journal of Innovations in Scientific Engineering, 17(1), PP. 36-55 , April 2023.
[39] Kulasekhara Reddy Kotte. 2023. Leveraging Digital Innovation for Strategic Treasury Management: Blockchain, and Real-Time Analytics for Optimizing Cash Flow and Liquidity in Global Corporation. International Journal of Interdisciplinary Finance Insights, 2(2), PP - 1 - 17, https://injmr.com/index.php/ijifi/article/view/186/45
[40] Mudunuri L.N.R.; (December, 2023); “AI-Driven Inventory Management: Never Run Out, Never Overstock”; International Journal of Advances in Engineering Research; Vol 26, Issue 6; 24-36 S. Panyaram, "Digital Transformation of EV Battery Cell Manufacturing Leveraging AI for Supply Chain and Logistics Optimization," International Journal of Innovations in Scientific Engineering, vol. 18, no. 1, pp. 78-87, 2023.
[41] Hullurappa, M. (2023). Intelligent Data Masking: Using GANs to Generate Synthetic Data for Privacy-Preserving Analytics. International Journal of Inventions in Engineering & Science Technology, 9, 9.
[42] B. C. C. Marella, “Data Synergy: Architecting Solutions for Growth and Innovation,” International Journal of Innovative Research in Computer and Communication Engineering, vol. 11, no. 9, pp. 10551–10560, Sep. 2023.
[43] Mohanarajesh Kommineni. (2023/6). Investigate Computational Intelligence Models Inspired By Natural Intelligence, Such As Evolutionary Algorithms And Artificial Neural Networks. Transactions On Latest Trends In Artificial Intelligence. 4. P30. Ijsdcs.
[44] Settibathini, V. S., Kothuru, S. K., Vadlamudi, A. K., Thammreddi, L., & Rangineni, S. (2023). Strategic analysis review of data analytics with the help of artificial intelligence. International Journal of Advances in Engineering Research, 26, 1-10.
[45] Sandeep Rangineni Latha Thamma reddi Sudheer Kumar Kothuru , Venkata Surendra Kumar, Anil Kumar Vadlamudi. Analysis on Data Engineering: Solving Data preparation tasks with ChatGPT to finish Data Preparation. Journal of Emerging Technologies and Innovative Research. 2023/12. (10)12, PP 11, https://www.jetir.org/view?paper=JETIR2312580
[46] Sehrawat, S. K. (2023). The role of artificial intelligence in ERP automation: state-of-the-art and future directions. Trans Latest Trends Artif Intell, 4(4).
[47] Teja Thallam , N. S. (2023). Centralized Management in Multi-Account AWS Environments: A Security and Compliance Perspective. International Journal of Emerging Trends in Computer Science and Information Technology, 4(3), 23-31. https://doi.org/10.63282/3050-9246.IJETCSIT-V4I3P103
[48] Naga Surya Teja Thallam. (2023). High Availability Architectures for Distributed Systems in Public Clouds: Design and Implementation Strategies. European Journal of Advances in Engineering and Technology.
[49] Arpit Garg, S Rautaray, Devrajavans Tayagi. Artificial Intelligence in Telecommunications: Applications, Risks,and Governance in the 5G and Beyond Era. International Journal of Computer Techniques – Volume10Issue1,January - February – 2023. 1-19.
[50] Rajesh Kumar Kanji, Vinodkumar Reddy Surasani, Naveen Kumar Kotha and Uday Kiran Chilakalapalli4 (2023). NLP-BASED INTER AND INTRA-SENTENCE RELATIONSHIP ANALYSIS-AWARE BANK CUSTOMER BEHAVIOR ANALYSIS AND PREFERENCE DETECTION USING GLSNSTM. Journal of Computational Analysis and Applications, 31(4), 1834-1857
[51] Mukkala, S. R. (2023). A Proficient Hospital Ratings Aware Patient Churn Prediction And Prevention System Using Abg-Fuzzy And Ner-Gfjdkmeans. Educational Administration: Theory and Practice, 29 (03), 1407-1424 Doi: 10.53555/kuey. v29i3, 9511.
[52] Varinder Kumar Sharma - Cloud-Edge Continuum in 5G: A Latency-Aware Network Design Review -International Scientific Journal of Engineering and Management Volume: 02 Issue: 03 | Mar – 2023. DOI: 10.55041/ISJEM00133
