Jordanian Journal of Informatics and Computing

Login

Risk Assessment for Identifying Threats, vulnerabilities and countermeasures in Cloud Computing

by 

Santosh Reddy Addula ;

Sajedeh Norozpour ;

Mohammed Amin

PDF logoPDF

Published: 2025/03/28

Abstract

The main objective of this study is to conduct a comprehensive analysis of cyber risks in cloud computing, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat. Additionally, this study aims to explore the main vulnerabilities in terms of infrastructure, service and platform in cloud computing. This study uses the content analysis technique to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The methodology comprises four primary stages: (1) identifying key components, (2) threat identification, (3) vulnerability identification, and (4) countermeasure identification. The results indicate that DoS attacks and account hijacking attacks were the most prevalent infrastructure vulnerabilities in cloud computing, each accounting for 14% and 10% of incidents. The results found that unpatched software and weak access controls were classified as the most critical threats in the service level in cloud computing, comprising 17% and 12% of incidents, respectively. The results also indicated that encryption methods, access controls mechanisms and firewall malware protection are the most significant and effective countermeasures for protecting the infrastructure, service and platform in cloud computing environment. The findings of this study provides valuable recommendations for academic research in classifying the different types of cyber threats and understanding the significant security controls against cyber-attacks in cloud computing.

Keywords

Risk AssessmentCloud ComputingCybersecurityCyber ThreatsCountermeasures

Risk Assessment for Identifying Threats, vulnerabilities and countermeasures in Cloud Computing is licensed under CC BY 4.0CCBY

References

  1. Tahirkheli, A. I., Shiraz, M., Hayat, B., Idrees, M., Sajid, A., Ullah, R., ... & Kim, K. I. (2021). A survey on modern cloud computing security over smart city networks: Threats, vulnerabilities, consequences, countermeasures, and challenges. Electronics, 10(15), 1811.
  2. Kunduru, A. R. (2023). Security concerns and solutions for enterprise cloud computing applications. Asian Journal of Research in Computer Science, 15(4), 24-33.
  3. Dawood, M., Tu, S., Xiao, C., Alasmary, H., Waqas, M., & Rehman, S. U. (2023). Cyberattacks and security of cloud computing: a complete guideline. Symmetry, 15(11), 1981.
  4. Kumar, R., & Goyal, R. (2019). On cloud security requirements, threats, vulnerabilities and countermeasures: A survey. Computer Science Review, 33, 1-48.
  5. Oladoyinbo, T. O., Adebiyi, O. O., Ugonnia, J. C., Olaniyi, O. O., & Okunleye, O. J. (2023). Evaluating and establishing baseline security requirements in cloud computing: an enterprise risk management approach. Asian journal of economics, business and accounting, 23(21), 222-231.
  6. Raja, V. ., & chopra, B. . (2024). Exploring Challenges and Solutions in Cloud Computing: A Review of Data Security and Privacy Concerns. Journal of Artificial Intelligence General Science (JAIGS) ISSN:3006-4023, 4(1), 121–144. https://doi.org/10.60087/jaigs.v4i1.86.
  7. Sasubilli, M. K., & Venkateswarlu, R. (2021, January). Cloud computing security challenges, threats and vulnerabilities. In 2021 6th international conference on inventive computation technologies (ICICT) (pp. 476-480). IEEE.‏
  8. Jimmy, F. N. U. (2024). Cyber security Vulnerabilities and Remediation Through Cloud Security Tools. Journal of Artificial Intelligence General science (JAIGS) ISSN: 3006-4023, 2(1), 129-171.‏
  9. El Kafhali, S., El Mir, I., & Hanini, M. (2022). Security threats, defense mechanisms, challenges, and future directions in cloud computing. Archives of Computational Methods in Engineering, 29(1), 223-246.‏
  10. Altulaihan, E., Almaiah, M. A., & Aljughaiman, A. (2022). Cybersecurity threats, countermeasures and mitigation techniques on the IoT: Future research directions. Electronics, 11(20), 3330.‏
  11. Aslan, Ö., Aktuğ, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1333.‏
  12. Dawood, M., Tu, S., Xiao, C., Alasmary, H., Waqas, M., & Rehman, S. U. (2023). Cyberattacks and security of cloud computing: a complete guideline. Symmetry, 15(11), 1981.‏
  13. AL-QTIEMAT, E. M. A. N., & AL-ODAT, Z. E. Y. A. D. (2024). EXAMINING CLOUD SECURITY: IDENTIFYING RISKS AND THE IMPLEMENTED MITIGATION STRATEGIES. Journal of Theoretical and Applied Information Technology, 102(7).‏
  14. Ali, T., Al-Khalidi, M., & Al-Zaidi, R. (2024). Information Security Risk Assessment Methods in Cloud Computing: Comprehensive Review. Journal of Computer Information Systems, 1-28.‏
  15. Shajan, A., & Rangaswamy, S. (2021). Survey of security threats and countermeasures in cloud computing. United International Journal for Research & Technology, 2(7), 201-207.‏