Challenges and Issues in Cloud Security for WBAN applications – A Systematic Survey

A systematic and comprehensive review of privacy preserving and security challenges in cloud environment is presented in this literature. Since, cloud supports various applications, it requires immediate attention for serious security and privacy issues. Research must focus on efficient security mechanism for cloud-based networks, also it is essential to explore the techniques to maintain the integrity and confidentiality of the data. This paper highlights research challenges and directions concerning the security as a comprehensive study through intensive analysis of various literatures in the last decade, and it is summarized in terms of architecture types, evaluation strategies and security model. We surveyed, investigated and reviewed the articles in every aspect related to security and privacy preserving concepts and identified the following tasks: 1) architecture of wireless body area networks in cloud, 2) security and privacy in cloud based WBAN, 3), Cloud security and privacy issues in cloud 4) diverse authentication and cryptographic approaches, 4) optimization strategies to improve the security performance.


Introduction
Wireless body area network is a low power intelligent wireless communication technology which could be implanted or attached to human body for continuous monitoring of body [1] under mobility and stationary conditions [2]. Internetworking these devices collects and transmits the information through gateway [3]. The delivered data in monitoring station stores, process and analyse the data using a suitable communication infrastructure [4]. IEEE 802.15.6 standard classifies the wireless body are network applications into two categories such as medical and nonmedical. The medical applications are further categorized into remote control, Implant and wearable applications while the nonmedical applications include real time streaming, entertainment and emergency. Initially, WBAN was implemented for efficient and real time health monitoring [5] systems to help the aging society. Later, the advantages and cost-effective benefits in continuous monitoring and assessment, helps to improve the real time process which makes the WBAN to spread in wide area of applications. Figure 1 depicts the key application of WBAN in detail under various categories [6].

Fig. 2: Communication Tiers in WBAN
Cloud Enabled WBAN Cloud computing refers to the applications or services processed over distributed network by utilizing the virtual resources [12]. These common resources are accessed through basic internet protocols and networking standards. It provides virtual and boundless resources which could be accessed by end user through prescribed applications. Integrating cloud with WBAN requires on-demand, scalable, secure storage processing infrastructure [13]. This hybrid platform process large amount of data which is collected through sensor nodes. The collected data must be transmitted with minimum delay and power [14]. Figure 3 depicts the integrated architecture of cloud enabled WBAN in medical application [15]. Cloud providers has robust infrastructure which includes servers, routers and more components to provide essential service to the user. It requires high scale devices for different applications to meet the economic and technical requirements. The recent development in low-cost devices helps to integrate the WBAN with cloud is complex to realize. Two important parameters are considered in case of WBAN such as nodes and transmission rate in terms security and privacy [16], [17]. Node security is essential so that the generated or collected information could be preserved from intruder. Transmission rate plays another vital role since if the data encryption or decryption is performed in the data before transmission to preserve its uniqueness if affects the transmission rate. Generally, sensors are used as nodes and the transmission rate may increase or decrease due to environment changes which affects the performance of the system. This leads into data degradation or loss so that an intelligent resource allocation and management system is required to implement cloud based WBAN. Integrating cloud with WBAN has various advantages such as • Integrating cloud with WBAN provides wide functionalities and services based on the requirements of application such as video streaming, data mining, etc., • Reduces the limitation in bandwidth requirements since the integrated architecture deploy the services and enhance the efficiency in terms of communication, computation, storage and power. • Strong privacy and security protection could be enabled in the integrated architecture due to its flexible services. • Cloud has multiple backups of data, so that the reliability is much better than conventional wireless sensor networks. The application will run continuously in cloud without any interruption. There are few limitations present in integrating cloud with WBAN as follows • Cloud doesn't have self-governing nature to adapt with WBAN nodes and its transmission rates. • Increased number of clouds in a region simultaneously increases the delay and transmission power.

Literature Survey
In this section vast survey has been made by analyzing various research models in terms of cloud security and privacy, integrated architecture models, authentication, cryptographic approaches and optimization straggles used in cloud. Special attention required while handling data in cloud and the trust of entire system depends on the data prevention techniques. Numerous tools have been introduced and tested by researchers for efficient data protection and prevention of unauthorized access. Still the gap needs an attention to sort it through a better data prevention and protection technique.

Cloud Service Security
Security issues in cloud service model is categorized into • Network level security issues • Data level security issues • User authentication level security issues • Generic security issues. Service level cloud security models [18] has its own limitations and before understanding the issues the relationship between the service models is essential. Cloud has three service models such as SaaS [19], PaaS and IaaS [20]. In that the security breach over the IaaS will affect the other two models since they are hosted over the IaaS. Generally, PaaS offers a platform to build an application and SaaS offers deployment platform to the application which increases the security. Because of these dependencies of three layers in cloud, if any attacks or breaches occurs in the network the entire environment will be at risk.

Security Issues with SaaS
In the three cloud service models SaaS has less control over security. It provides services to business applications, communication software and emails. Based on the applications the security factors are analysed in SaaS as follows.
Data security is the major challenge in SaaS platform as the service providers need to concern over the user data security. Based on the control measures and technologies it classified into three sections as • Protection of data in cloud on migration [21] • Protection of data between cloud and different service providers [22] • Protection of data within the cloud [23] SaaS has the responsibility to secure the data from collection to till storage and analyse the data. Most of the organizational data are processes as plaintext in cloud and faces critical issues while handling backup and recovery process. Also, service providers need to concern over the disaster management to ensure the data security. But most of the agreements are complex for service providers due to data location and service provider's data centers which introduces issues in data security and privacy.
Most of the cloud services are facilitated as applications to users and it is typically processed over internet and web browsers. The possibilities of vulnerabilities in web-based applications are more compared to other processing technologies. Conventional security mechanisms could not ensure the security and privacy of the data [24]. So, it is essential that new approaches need to be evolved to prevent the security threats and malicious activity over the data in web services.
Another security issue in SaaS is multi-tenancy. Cloud provides service as shared platform and this multi-tenancy [25] has flaws that other users in the network could see the operation of user and trace the residual data. Since multiple tenants and their data are stored in the same database this leads into leakage of privacy information and the risk of data theft which leads into serious issue. So, it is essential to ensure the data security when the resource is shared to other users in the network. Service providers need to handle the issue by implementing security policies to protect the user data from other customers.
Accessing the resource through specific application over internet may expose serious security issues in cloud [26].
Since the user has able to access the network devices which includes personal and public computers and mobile phones etc., which creates a way to intruder to obtain the data. Cloud security alliance provides a list of threats such as stealing information through malware, insecure network connection, OS based vulnerabilities, official applications and other proxy-based security threats.

Security Issues with PaaS
PaaS is an integrated environment which offers the user to develop, test and deploy the application to support customers. Two layers of security are comprised in PaaS such as • PaaS platform security [27] • Application deployed in PaaS platform [28] The platform service provides must ensure the safety of software which has runtime engine which runs over the user applications. Since the user are dependent over web hosted development tools and other services the PaaS must provide suitable security measure. Combing one or more source elements as an integrated system PaaS must ensure the safety of the data as well as network. Since the components which are changed in PaaS platform to secure the user data and network the complexity of building application over PaaS must be considered by the developers. Also, the developers need to manage the issues related to data storage location. Even though the developers and service providers considering these facts the security issues in PaaS are still exist and researchers work on it to obtain secured model.
The security over access control mechanism in PaaS is present in its delivery model [29]. The CSP in PaaS is responsible for network management, server management and infrastructure management of application over the platform. The customer is also responsible to access the resource [30] through the application developed in platform which has access management to ensure the security through authentication of the users.

Security Issues with IaaS
IaaS provides resources such as storage servers, networks and other resources as a virtualized system through internet.
IaaS has better security concern over other models by controlling the software running in virtual machine. Using suitable security and configuration policies the privacy and security of the system is ensured in IaaS model by cloud service providers. Compared to PaaS and SaaS the security standard is much better in IaaS [31] by providing full access to the user through VM host which is isolated from other systems using hypervisor technology. Hypervisor [32] in VM is used to isolate the VM from other systems. Generally, it is referred as virtual machine monitor which is low level software that controls the VMs. If the security of hypervisor is breached that leads into data expose to all domain so that attacker could migrate the VMM model into malicious server would leads into serious issue. Generally, it is advised to place the VMM as much as small in size which reduces the risk of vulnerabilities and easy to fix if anything happens. Since the malicious VM could capture the information from other VMs as the cloud uses shared memory concept. Similarly, the utilization of convert channels in VMs by passes all the rules in security model of VMM could help the intruder to monitor the resource without known to the VMM. So that the user is responsible for maintaining the system from security threats [33]. IaaS undertake efforts to reduce the security threats from communication, modification, monitoring and mobility of the user data, application. Few important threats under public IaaS [34] are attacking unpatched or vulnerable service over standard ports, hack the account with minimum secured or weakly secured account, key theft to access the control over host, deploying Trojans through software embedded in VM [35], [36] break the system which has not properly configured or secured by firewalls.
Virtualization [37] is a platform which allows the user to roll the virtual machines to run over variety of applications. It creates opportunities to intruders to break the security. Breaking the security in one VM affects the entire VMs in the network as the environment is similar to normal infrastructure. This gives more challenge in security [38] and interconnection complexity. Trojan is one of the security issues and in this an attacker with valid credentials create an image which includes malicious code and sent to the user in the network. If the image is used by another user, then the VM and its data are affected by hidden malware which leads into data breach. In some cases, data leakage could be happened due to VM replication [39]. Since in replication all the information such as passwords, cryptographic keys are recorded as image and if the image is not cleaned after replication [40], that data could be used by another user. Virtual Networks [41], [42] are responsible for VMs interconnectivity and it secures the VM by connecting the user with physical channel. But most of the hypervisor uses virtual networks to connect VM directly using configured networks such as bridge or routed models. These models are efficient but it creates possible ways to attackers to capture the information. Some of the famous attacks in virtual networks are sniffing and spoofing.

Attacks in Cloud
Though cloud has various advantages it also brings risks to technology adopted organizations. Most of the security threat are performed for data and resources over the delivery model and deployment model as shown in Table 1. Compared to public cloud, private cloud achieves much high security level. As the utilization of cloud data increases every day various types of attacks are increases to know the information of other user. Generally, threat is referred as a potential attack which is performed to access the user information or resources, in contrast vulnerability is referred as flaws in a system which allows the attacker to perform action over the system successfully. Some of the important attacks in cloud data is briefed as follows.
Cross site scripting XSS attacks [43] is performed in client side through some malicious scripts which is introduced by the attacker through website or application. XSS is the most familiar web application vulnerability utilizes the un-valid or un-encoded user input to generate an output. This results into projection of unrelated webpages to the user input. Also, the intruder uses a string along with website as victim browser to access control over the user. Around 84% of security vulnerabilities [44] are carried out by cross site scripting as per the Symantec survey. Cross site scripting is classified into two types such as persistent and non-persistent [45]. In persistent type, the attacker saves the data permanently in the server and displayed it as a normal page to other users. In case of non-persistent, they are provided to the user as commonly as HTTP query parameter which is used in server-side scripts to display the results without sanitizing the user request.
Malware injection attack [46] in cloud computing performed by attacker in virtual machine or implemented application. These types of attacks result into data modification, blocking and changes in its functionalities. Intruder creates an implementation model [47] and included in the cloud network and cracks the VM. Once the action is completed successfully, the system automatically redirects the user requests to malicious system and the codes are executed. This leads into serious security issue in cloud.
SQL injection attack [48] is common in cloud. In this attacker insert some malicious code into standard code to gain access over the database and sensitive information. Since the attacker query is similar to user query and the website allows the user to access the SQL server. This helps the intruder to know the functionalities of website and they could change it as per their requirement [49]. To check the SQL injection attacks in cloud various filtering methods are available to filter the user input, prevention methods to avoid the execution of intruder generated SQL codes. In some research models proxy-based architecture is used to prevent SQL injection attack and detects the user inputs for suspected SQL control sequence [50]. Web based intrusion detection systems are used to differentiate authentic events arising in the cloud from the prohibited ones [51]. With low false alarm rate and high detection rate, intrusion detection systems detect harmful codes in cloud computing.
Another popular attack in cloud is Man in the middle attack [52], where the intruder tries to intrude in between the communication and injects false information and obtains the important information from the communication. Cloud requires strong encryption technology to prevent this attack and dSniff [53], CAIN [54], ETTERCAP, AIRJACK etc., are some of the technologies available.
Denial of service [55], [56] is an attack which makes the user not to avail the resource on demand. The request is untrusted temporarily or indefinitely interrupted by the intruder and suspend the service to the user. There are two types of attacks in denial of service such as crash services and flood services. Distributed denial of service [57] is performed the same over thousands of IP addresses. In order to induce denial of service attack multiple systems are targeted in cloud and corrupted in distributed denial of service. The target of DDoS is to attack servers like banks, payment gateways, etc., which can take inefficiencies in web application and it is difficult to identify over the network layer. Various protection measures like cloud based and proxy-based solutions are introduced to reduce the attack intensity [58] by including HTTPD, MySQL server etc., Permanent denial of service is another type of attack that damages the system which requires reinstallation or replacement of hardware [59]. Permanent denial of service accesses the remote administration over the interface of user hardware and other networking elements and modify the firmware with corrupted image and makes the device unusable until it is replaced or repaired. Buffer overflow attack [60] occurs in cloud if the data is stored beyond its capacity. Generally, a portion of adjacent memory is used to store various types of data and lack of validation of data results into excess data overflow or data overwriting. This makes the system into more vulnerable to attacks and it allows the intruders to deploy the necessary programs [61] which leads into damage. Successful overflow vulnerability leads into changes into memory variable and gains full control of host.
Insecure application programming interface [62] in cloud target to breach a network. Programming interface are provided to users by service providers to manage the data in cloud. Attackers act as common door in application and access the system externally and take over the information. This happens in cloud due to poor authentication and encryption systems. Initially the logs from the application are collected then it can be used to integrate with database to find the necessary resources.
As shown in Table 2, Malicious insider [63] refers to a person or business partner authorized to access data using his privileges. It is not known to the network firewalls and other detection system due to authorized access. Compared to other data breaches, malicious insider causes more security damage and it could affect large number of users. There are two types of threats in insider attack [64] such as inside the cloud service provider and threats from outsourced cloud. If the intruder is working for the service provider and causes damage to security of user data, the impacts could not be measured. It creates much counter issues over service provider and client side. If a part of cloud is outsourced [65] and data breach will occur in the cloud due to insider this threat is outsourced threat. Based on client or service provider side using suitable intrusion detection system the risks in malicious insider attack could be reduced in cloud. Invocation of inadequate disaster recovery or business continuity processes

Cloud Authentication Attacks
Authentication is the process which confirms the identity of the user credentials. If the user needs to access information authentication is the first step to prove the right access to resource. In cloud similar procedure is followed, the user has to establish the connection through his credentials to access the cloud resource [66]. Based on the facts in cloud, some of the important authentication attacks are listed as follows. •

Encryption and Authentication in cloud security
Even though cloud adopting cloud has various advantages still it has some barriers in its security issues. Some of the significant issues and technologies which are related to cloud privacy and compliance issues are discusses in this section. Some of the existing technologies are listed as follows. Trust based security [73] assessment model for IaaS is considered as reference model for various security and cloud assessment models. Cloud trust estimates the security metrics in terms of confidentiality and integrity of the cloud service provider and computing systems. To assess the security level of multitenant architectures [74] and probability of high value data, a minimal security control is used in cloud trust. This security architecture protects the virtual machines and strengthens the cloud service providers. Also, it reduces the cloud network monitoring and live VMs discovery. The issues identified in IaaS platform using optimized fair pricing scheme are, the profit is often denied mutually between the service providers and users [75]. Also, the maintenance cost is high. Later biometric encryption is introduced to improve the cloud security. But the issue in biometric encryption is in its data as it requires a separate processing and storage units to process the functionalities. Signature based models are evaluated to reduce the central authority and trusted setup environment. Using large class of predicates and standard assumptions the access the provided to the user. The limitation of the signature-based model is present in its computational overhead. Though cloud service providers tried to reduce the computations through outsourcing [76] which leads into untrusted sign in problems.
Multi-factor authentication [77] is used to validate the user in two or more approaches. Generally, two stage authentications are preferred. The first stage consists of user password and the second stage has hybrid profile-based authentication which is recommended based on user behaviour. Later authentication models are evolved with intrusion detection system [78] which provides superior security with minimum computation cost to cloud user and service providers. Using single private key, the user can access the resources from multiple servers. The advantage of the ID based authentication model present in its bilinear cryptosystem pairing [79] and key generation. User authentication and key agreement [80] enables the user to authenticate anonymously and provides connection through secure channel between the user and service provider. The user and server may know the information exchanged and the real identities are nor revealed to the senders which improve the security [81]. Mutual authentication system [82] based cloud authenticates the user and server each other using steganography [83] as an encryption method. Using secret key sharing the authentication is performed and it allows the user and the server to keep a part of key with each other. When it is combined it provides a complete security and it provides flexibility to user to change the key whenever it is required.
Various attribute-based encryption methods [84], [85] are involved to improve the cloud security. Using set of descriptive attributes, the user decrypts the information only if the identity is same as specified by the sender. It there is identity overlaps based on set of threshold values the operation is performed. It could be either denial of resource or grant the resource, it depends on the threshold values and it is suitable for typical applications only. Based on the set of user attributes the encryption [86] is further classified into key policy attribute-based encryption and control policy attribute-based encryption. In KP-ABE [87], based on access policy the sender has to encrypt the data associated with cipher text. Once the sender defined the attributes to define the keys it could not be revoked. Using the same attributed and keys the receiver has to authorize the data and decrypt it using matching attributes. The limitation of KP-ABE is its access policy and secret key as the data owner cannot choose the cipher text to decrypt the data and data owner must rely over the sender attributes. Non-monotonic access with secret key is introduced later to improve the security measure which includes positive and negative attributes. The process is more complicated due to its access policies, size of encryption key, cipher text and computation overhead.
Using monotonic access tree structure control policies attribute-based encryption is introduced. It uses generic group model to implement the security which is considered as limitation of CP-ABE [88]. Dual policy ABE is introduced based on KP-ABE and it allows two access control mechanism such as objective attribute to data and subjective attributes for user credentials [89]. Based on decision bilinear Diffie -Hellman [90] exponent the security proof is described in dual policy ABE model. Multi authority attribute-based encryption is evolved to overcome the issues in dual policy model and in which it has central authority to ensure the proper decryption and cipher text. While the hierarchical attribute-based encryption combines the identity-based encryption and CP-ABE to provide access control and high performance over cloud security. Using proxy re-encryption, it effectively revokes the user rights and expresses the access control policy as disjunctive normal form which provides support to cloud data owner, domain owner, data user and storage service.

Machine Learning Algorithms in Cloud Security
Machine learning algorithms [91] are the basic model which performs operations based on their learning behaviour. Machine learning models in cloud computing is used for data mining and classification process. Some of the researchers implemented ML in threat detection and prevention measures [92]. Machine learning computes the results automatically based on experience. Some of the important machine models are Support Vector Machine (SVM) [93], [94], Expectation Maximization, Decision Tree, Naïve Bayes Tree classifier [96], Adaptive Neuro Fuzzy Inference System [97], [98], fuzzy C-means Clustering [99] [100], Linear Regression (LR) [101] and Random Forest (RF) [102], Artificial Neural Network [103], [104] and genetic algorithms [105]. Some of the existing models are reviewed in this section based on cloud security. Support Vector Machine (SVM) is widely used in cloud security since it is insensitive to data dimension and able to produce results with high training rate and decision rate. Due to better learning ability SVM is used as intrusion detection system to improve cloud security [106]. The limitation of SVM model in cloud security present in its limited binary classification process. Though it identifies the attack, SVM model lags in identifying the attack type and consumes more training time. Decision tree-based security models are evolved to handle large data sets. It provides high detection rate compared to SVM due to its inherent characteristics. Tree induction algorithm [107] are used to learn the intrusion patterns and used to classify the network activities over the network data. With feature reduction and combination of decision tree with genetic algorithm [108] provides better performance in reducing the false alarm rate. Decision trees are computationally intensive to build which is considered as the limitation of the model. Bayesian network or classifier is suitable for intrusion detection applications which needs prior knowledge about the data and attack type. Based on the variables of interest Bayesian networks encodes the probabilistic relationships is the added advantage.
Bayesian networks lags in performance while handling continuous features and if the prior knowledge about the data and system is incorrect. Fuzzy based intrusion detection system is proposed in literature [99]. Fuzzy c means clustering is widely used in most of the intrusion detection system in cloud computing [98]. Higher order fuzzy c means algorithm is used to cluster the heterogeneous data and each data object is represented as tensor with its correlation values. Implementing fuzzy model with encryption scheme such as homomorphic encryption [109] improves the security performance. Also, fuzzy clustering is used as [110] conventional privacy protection methods to secure the sensitive information. Using kNN [111] and map reduce model with fuzzy clustering reduces the data dimensionality and reduces the risk. [112] Distributed fuzzy c means clustering algorithm is proposed in the research model to achieve better decision and the security is enhanced over the encrypted data through homomorphic encryption. Implementing virtual nodes over private server helps to detect the intruder attack. The limitation of fuzzy model is its high resource computation. It lags in updating the subsets at runtime which affects the security performance.
Neural network is used in cloud security to find novel and unknown intrusions. Neural network models do not need any expert knowledge in identifying the threats and attacks over the network. Moreover, it is capable of processing noisy, incomplete and limited data it is widely used in various cloud security models. Artificial neural network is widely used in cloud security to detect various types of threats and security breaches. In particular back propagation based supervised learning model [113] is used in various research models. It assesses the network error based on the modified weights. Due to its hidden layer, nonlinear models could be developed which helps to identify the complex relationship between the attributes and classification labels. Later recurrent neural network and deep convolutional neural networks [114] are evolved to classify the tasks along with intrusion detection. Though ANN based IDS models are better, it has some limitations such in its detection precision and accuracy. since the dataset used in training model is small and it is difficult to identify all the properties of attack. Due to this detection accuracy gets reduced and low frequency attacks could not be identified by ANN models. The limitation of neural network is its over fit nature during training and slow training process. Other than this models, expectation maximization, linear regression and random forest models are used to improve cloud security. Other than supervised learning models in cloud security, few research models are evolved based on semi-supervised learning techniques. It eliminates the attacks in side channels and reduces coresistance attack by analysing the cluster and improves the security in cloud.

Optimization Models in Cloud Security
Optimization models to improve cloud security is proven in various research works by implementing suitable intrusion detection system [115]. Initially trusted based environment is used to measure the performance of virtual machine and identifies the threats. Later hybrid optimized cost scheduling models are introduced to obtain the resource identity, so that the resource could be added to private cloud for execution with in the stipulated time [116]. Optimizing the cost of resource allocation in cloud computing is developed to allocate the resource automatically and identifies the attacks in various cloud infrastructure layers [117]. Fast flux swarm network optimization [118] is introduced in cloud to detect the denial-of-service attack. Improving the cloud security is achieved by efficient resource allocation is implemented through resource optimization in IaaS system which works based on two online resource allocation models. Double molecular structure based chemical reaction optimization [119] is introduced to formulate the scheduling process in acyclic graph jobs provided optimal solution to the cloud issues. For data intensive computing environment various algorithms like particle swarm optimization, genetic algorithm, multi-start PSO and multi start genetic algorithm are introduced.
To improve the performance of cloud-based healthcare systems, meta-heuristic algorithms are developed which preserves the patient and helps to improve the communication. Later private proxy re-encryption is introduced along with heuristic models [120] to reduce the computational complexities in cloud which improves the cloud security. Based on hybrid architecture of cloud scheduling [121] applied meta-heuristic-based security aware model is developed to improve the efficiency of the cloud. In few research models optimizing the sampling size of clod data is performed to manage the network which reduces the possibility of vulnerabilities in cloud computing. Self-configuring adaptive framework is introduced to optimize the resource allocation in cloud. Similarly, coevolutionary negotiation algorithm [122] is also implemented in few research models to improve the QoS based on security and resource allocation measures. User side optimization is proposed in research model to improve the service provision to user from service provider. Based on physical layer security in heterogeneous cloud this optimization model improves the cloud user security over attacks. Hadoop [123], Map-reduce [124] and spark [125] based optimization is introduced in cloud to monitor and detect the threats.
Genetic algorithm plays vital role in cloud security and data mining applications of cloud [126]. Various research models are evolved to improve the cloud security using genetic algorithm. Later modification in conventional genetic algorithm is introduced to enhance the performance. Game theoretic based GA [127], [128] is introduced to validate the performance of cloud. Nested genetic algorithm [129] is used in few research models to track and maximize the network reliability and server assignment issues in cloud. To improve the performance of classification model's genetic algorithm and PSO based combination are used in few research models which provides better computing elasticity to cloud and improves the security by detecting the service attacks. Evolutionary PSO based models are familiar to cloud for its adaptive mitigation reaction and intrusion detection performance over threats and vulnerabilities. Later improved PSO models are introduced to improve the detection performance through its linear programming nature.
Machine learning models are better in intrusion detection and optimizing the machine process through various models like particle swarm optimization, ant colony optimization [131], [132] artificial bee colony optimization [133], [134] bat optimization algorithms [135], [136] cuckoo search optimization algorithm [137] are implemented in cloud network to improve the security performance. These optimization models improve the performance of cloud in terms of efficient task scheduling, resource allocation and intrusion detection and prevention. Ant colony-based models are evolved to improve the scheduling performance and security parameters over multiple data handling platforms. For efficient cloud service computation artificial bee colony optimization is used in few research models. Cuckoo search optimization-based models are used in cloud to improve the security coverage over the network. Other than nature inspired models few mathematical models are evolved as multi objective optimization models [139], [140] [141], [142], [143] which performs better in disaster recovery in cloud environment.

Findings from The Survey
Based on the intensive study of existing research works the following points are identified for cloud security is summarized as follows • Rapid development of cloud technology leads into serious network and data security issues. • Protecting user data in cloud is a challenging issue as the resources are shared as multi-tenant process. • It is necessary to design and implement suitable detection system to detect the threats in the network. • Detection of indirect access to user data such as malicious insider attack is a challenging task in cloud. • Most of the access control mechanisms are centralized in nature except attribute-based encryption. • Using encryption in authentication increases the operating cost while performing decryption, key pairing and decryption of cipher text. • The access policies in existing schemes are not supportable to multiple reads, write operations. • Utilization of single key distribution in cloud is difficult to support large number of users. • Development of machine learning techniques for fast threat detection is a challenging task. • The limitation of machine learning algorithms must be reduced in detection and categorization of attacks in cloud.
• Optimization models are better in scheduling and resource allocation performances. • Hybrid optimization models performs better in cloud QoS improvement factors. • Least number of optimization models are evolved in terms of cloud security and intrusion detection system. • Traditional methods could not able to identify and provides solution to security threats completely. So, it is important to develop an efficient system to identify and exterminate the security threats.

Conclusion
This survey paper is prepared to address the various security issues in cloud and the possible solutions through existing techniques such as cryptography, machine learning based intrusion detection and prevention, optimization models in cloud security. The challenging issues are analysed and presented in detail. Based on the survey we infer that optimization-based models are the recent trend in cloud security which handles various challenges. Based on this factor we conclude that optimization models will play a significant role in threat detection and attack prevention in future cloud computing environment.