Iowa State University Team Works on a New Approach to Securing the Cloud

A team of ISU computer scientists is working together to create an algorithm on school data extremely difficult, even for today's hackers.

by Grayson Schmidt, Ames Tribune / May 14, 2018

(TNS) — With the rise in popularity of cloud-based storage, Iowa State University Associate Professor of Computer Science Wensheng Zhang said, comes the rise of a new style of hacker.

And Zhang, along with a team of computer scientists at ISU, is working to create an algorithm that would make access to user data extremely difficult for hackers.

"They're very convenient, but they come with risks of security and privacy," Zhang said. "When we use these storage spaces, we have to put our data in the hands of providers of spaces, instead of holding the data by ourselves with full control."

According to Zhang, cloud storage has been around in some capacity for at least 10 years but has only started to gain traction within the past five.

Part of the appeal of cloud storage is the convenience and large amounts of data that can be stored.

Though reports of attacks on cloud storage may not have received major media attention, Zhang said they do occur, and even though users can encrypt their data and information, it is how they access the data that poses the risk.

Zhang's team is focused on data access pattern protection, which he said alerts the provider how frequently users access certain data compared to others.

If hackers can gain access to the cloud, then Zhang said they can take a look at what is frequently accessed and alter or remove that information.

"In terms of how real this is, to my best knowledge I haven't seen any media coverage about such kind of attacks, but researchers have found some attacks that have been launched based on the knowledge of these access patterns," Zhang said.

"If an attacker knows the access pattern, and even if the data is encrypted (hackers) may be able to guess with a pretty high probability what the original data is."

That is why Zhang's team is creating an algorithm that incorporates a mix of fake and real access requests, making it difficult to detect a pattern.

Now Zhang said even though this is a simplified version of what the team is doing, there are some major hurdles to get through, such as higher costs, bandwidth usage, and time.

From here, Zhang said he hopes the work can lead to software that clients can use, or providers can offer, that helps users protect their access patterns.

"As clients, we should push cloud providers to take more efficient and effective approaches to protect the platform," Zhang said.

"Nowadays, attacks can generally be prevented, but the attacks that we are looking at may become more prominent."

©2018 the Ames Tribune, Iowa Distributed by Tribune Content Agency, LLC.