Researchers developing improved cloud security tools
While phishing attacks are the most common strategy hackers use, successfully cracking into a data storage service may enable them to exploit data access patterns.
Cloud users are commonly encouraged to encrypt sensitive data and information, but how they access that data may make it vulnerable.
That’s according to a team of computer scientists, including Wensheng Zhang, an associate professor of computer science at Iowa State University, that is working to defend against the potential cyber risk that comes with cloud storage.
According to Zhang, reports of access pattern-based attacks on cloud storage are rare, but if hackers can crack a data storage service, it may be only a matter of time before they try to exploit data access patterns.
"Cloud storage is very convenient, but there are privacy risks," he said. "This kind of threat may be of greater concern to companies or agencies working with very sensitive data. For example, military agencies or some branches of the government."
For example, explained Zhang, an agency might upload a large dataset to its cloud account. A team analyzing a specific subset of the data regularly accesses the information, creating a pattern. Someone – a rogue employee or hacker who compromised the cloud service – could observe the pattern and make assumptions about the data.
While this scenario is unlikely to affect the average person who uses the cloud to store photos or less sensitive information, a user storing classified documents or, say, healthcare research results in the cloud may be more vulnerable.
According to Zhang, his team’s goal is to develop technology to disguise access patterns. He says the basic premise is to create an algorithm that incorporates a mix of fake and real access requests, making it difficult to detect a pattern.
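To make the premise concrete, here is a small simulation added for illustration; it is not the researchers' algorithm. It assumes a naive scheme in which each real read is sent together with uniformly chosen decoy reads, and the block counts, seed and function names are constructed for the example.

```python
import random
from collections import Counter

N_BLOCKS = 1000            # constructed: blocks in the uploaded dataset
HOT = set(range(40, 50))   # constructed: the subset the team keeps reading

def observed_trace(real_reads, decoys_per_read, rng):
    """Block ids the storage provider sees, in arrival order."""
    trace = []
    for block in real_reads:
        # Assumption: decoys are drawn uniformly over the whole dataset.
        batch = [block] + [rng.randrange(N_BLOCKS) for _ in range(decoys_per_read)]
        rng.shuffle(batch)  # the real request sits at a random position
        trace.extend(batch)
    return trace

def hot_share(trace):
    """Fraction of observed requests that touch the sensitive subset."""
    return sum(b in HOT for b in trace) / len(trace)

def top_blocks(trace, k):
    """What a provider-side observer would flag: the k most requested blocks."""
    return {b for b, _ in Counter(trace).most_common(k)}

def run(decoys_per_read, n_reads=2000, seed=1):
    """Simulate n_reads real reads of the hot subset and summarise the provider's view."""
    rng = random.Random(seed)
    hot = sorted(HOT)
    real = [rng.choice(hot) for _ in range(n_reads)]
    trace = observed_trace(real, decoys_per_read, rng)
    return {
        "requests": len(trace),                  # bandwidth cost of the cover traffic
        "distinct_blocks": len(set(trace)),      # how much of the dataset looks "in use"
        "hot_share": round(hot_share(trace), 3),
        "hot_set_recovered": top_blocks(trace, len(HOT)) == HOT,
    }

if __name__ == "__main__":
    for decoys in (0, 7):
        print(decoys, run(decoys))
```

In this sketch the decoys spread requests across the whole dataset at eight times the request volume, yet long-run request counts still rank the hot subset first. When evaluating a pattern-hiding scheme, measure both the per-request view and the aggregate frequency view.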
The work is ongoing as the team looks for ways to improve performance and efficiency. Zhang says they are also exploring the pros and cons of splitting large datasets across multiple providers, so that access patterns do not reveal the full picture.
"Storage is now more affordable. Five years ago, it was expensive to buy a computer with several hundred gigabytes of storage, but today it is very common," Zhang said. "If users are concerned about privacy, they can keep a small subset of data locally and export the remaining dataset to storage, which can save some cost for protecting the access pattern privacy."