Continuous identity verification in cloud storage services using behavioural profiling

B. Al-Bayati, N. Clark, Paul Haskell-Dowland, Fudong Li

Research output: Chapter in Book/Report/Conference proceedingConference contribution

106 Downloads (Pure)


Cloud storage services have become immensely popular because they enable users to remotely store their data over the Internet. However, this has led to a lack of physical control to protect their information with an increasing vulnerability to potential attacks. Well-known service providers including Dropbox and Apple iCloud have suffered from attacks, leading to sensitive customer information being exposed. A key issue is that the cloud services rely upon a simple authentication login and remain accessible to users afterward for significant periods of time. Thus, arguably more intelligent security measures are required to support the security of the system. Behavioural profiling is one technique that has been applied successfully with a variety of technologies for continuous user verification, telecommunication misuse and credit card fraud. However, the implementation of such a technique in cloud storage services has not been studied. This paper investigates the application in cloud storage services to detect misuse post initial login. A private dataset was collected from a cloud storage service (Dropbox) containing real user interactions of 30 participants over a six month period (totalling 91,371 log entries). A series of experiments have been implemented on the dataset using a supervised machine learning algorithms to examine the feasibility of classifying the normal and abnormal users’ behaviour. On average, the best experimental result achieved an EER of as low as 5.8% with six users experiencing an EER equal to or less than 0.3%. The results are very encouraging and indicate the feasibility of detecting misuse in cloud computing services.
Original languageEnglish
Title of host publicationProceedings of the 17th European Conference on Information Warfare and Security
Subtitle of host publicationECCWS 2018
EditorsAudun Jøsang
PublisherAcademic Conferences and Publishing International Limited
Number of pages10
ISBN (Print)978-1-911218-85-2
Publication statusPublished - 29 Jun 2018
Event17th European Conference on Cyber Warfare and Security - University of Oslo, Norway
Duration: 28 Jul 201829 Jul 2018


Conference17th European Conference on Cyber Warfare and Security
Internet address


Dive into the research topics of 'Continuous identity verification in cloud storage services using behavioural profiling'. Together they form a unique fingerprint.

Cite this