STAP Journal of Security Risk Management

ISSN: 3080-9444 (Online)

Securing Trust: Rule-Based Defense Against On/Off and Collusion Attacks in Cloud Environments

by 

Qais Al-Na’amneh ;

Mahmoud Aljawarneh ;

Ahmad Saleh Alhazaimeh ;

Rahaf Hazaymih ;

Shahid Munir Shah ;

Walid Dhifallah

PDF logoPDF

Published: 2025/12/01

Abstract

The pervasive adoption of cloud computing, underscored by its distributed, multi-tenant characteristics, introduces intricate vulnerabilities concerning trust assurance. Malicious entities increasingly deploy sophisticated stratagems, such as on/off behavioral subterfuge and orchestrated collusion, to subvert conventional trust assessment mechanisms. This manuscript introduces a Hierarchical Rule-Based Trust Orchestration System (HRTOS), a non-learning, deterministically governed architectural framework designed for the proactive identification and mitigation of these insidious threats within federated cloud environments. HRTOS operates through a synergistic ensemble of modules dedicated to multi-vector behavioral fingerprinting, contextual anomaly evaluation, feedback integrity validation, and collusion pattern grammar analysis. The system’s core philosophy emphasizes operational transparency, imposing minimal computational burden while exhibiting acute sensitivity to nuanced deviations from normative interaction patterns. Rigorous simulations employing diverse synthetic user archetypes—spanning consistent integrity, strategic deception, and coordinated malevolence—demonstrate HRTOS’s pronounced capability to accurately discern legitimate activities from complex reputation manipulation endeavors. Conventional trust paradigms, frequently reliant on computationally intensive machine learning or opaque probabilistic models, often falter when confronted by adaptive adversaries exploiting systemic latencies, sparse data conditions, or the inherent ”black-box” nature of such models. HRTOS circumvents these limitations by employing a layered, context-aware rule engine that processes interaction telemetry and feedback metadata in near real-time. Abrupt behavioral transitions are identified via a multi-faceted deviation index; anomalous feedback is systematically de-weighted through source credibility and content plausibility checks; collusive engagements are surfaced by analyzing reciprocity dynamics and group behavioral coherence. Trust state adjudication is effectuated through deterministic rule sets, fostering auditable enforcement and low-latency response. The presented evaluations, encompassing varied attack vectors including sophisticated on/off attacks and multi-entity collusion schemes, affirm the model’s high fidelity in threat differentiation, its negligible false positive incidence, and its inherent interpretability, rendering HRTOS exceptionally suitable for securing dynamic, federated cloud ecosystems where accountability, efficiency, and proactive threat neutralization are paramount.

Keywords

Security of Cloud ComputingMalicious AttacksRule-Based Defense

Securing Trust: Rule-Based Defense Against On/Off and Collusion Attacks in Cloud Environments is licensed under CC BY 4.0CCBY

References

  1. Mona Soleymani, Navid Abapour, Elham Taghizadeh, Safieh Siadat, and Rasoul Karkehabadi. Fuzzy rule-based trust management model for the security of cloud computing. Mathematical problems in engineering, 2021(1): 6629449, 2021.
  2. Rajanpreet Kaur Chahal and Sarbjeet Singh. Fuzzy rule-based expert system for determining trustworthiness of cloud service providers. International Journal of Fuzzy Systems, 19:338–354, 2017.
  3. Poorva Rathi, Himanshu Ahuja, and Kavita Pandey. Rule based trust evaluation using fuzzy logic in cloud computing. In 2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions)(ICRITO), pages 510–514. IEEE, 2017.
  4. Shweta Loonkar, Neeti Taneja, and N Beemkumar. Fuzzy rule-based trust management for cloud security. In 2024 1st International Conference on Sustainable Computing and Integrated Communication in Changing Landscape of AI (ICSCAI), pages 1–12. IEEE, 2024.
  5. Venkatarama Reddy Kommidi, Srikanth Padakanti, and Vasudev Pendyala. Securing the cloud: A comprehensive analysis of data protection and regulatory compliance in rule-based eligibility systems. Technology (IJRCAIT), 7(2), 2024.
  6. Abhishek Kesarwani and Pabitra Mohan Khilar. Development of trust based access control models using fuzzy logic in cloud computing. Journal of King Saud University-Computer and Information Sciences, 34(5):1958– 1967, 2022.
  7. Md Shihabul Islam, Mustafa Safa Ozdayi, Latifur Khan, and Murat Kantarcioglu. Secure iot data analytics in cloud via intel sgx. In 2020 IEEE 13th international conference on cloud computing (CLOUD), pages 43–52. IEEE, 2020.
  8. C Veena, S Ramalakshmi, V Bhoopathy, Minakshi Dattatraya Bhosale, CG Magadum, and Abirami SK. Effective intrusion detection and classification using fuzzy rule based classifier in cloud environment. In 2022 International Conference on Automation, Computing and Renewable Systems (ICACRS), pages 497–502. IEEE, 2022.
  9. Yuqing Wang and Xiao Yang. Research on enhancing cloud computing network security using artificial intelligence algorithms. arXiv preprint arXiv:2502.17801, 2025.
  10. Sabah M Alturfi, Dena Kadhim Muhsen, Mohammed A Mohammed, Israa T Aziz, and Mustafa Aljshamee. A combination techniques of intrusion prevention and detection for cloud computing. In Journal of Physics: Conference Series, volume 1804, page 012121. IOP Publishing, 2021.
  11. Qais Al-Na’amneh, Ammar Almomani, Ahmad Nasayreh, Khalid MO Nahar, Hasan Gharaibeh, Rabia Emhamed Al Mamlook, and Mohammad Alauthman. Next generation image watermarking via combined dwt-svd technique. In 2024 2nd International Conference on Cyber Resilience (ICCR), pages 1–10. IEEE, 2024.
  12. Ameera S Jaradat, Ahmad Nasayreh, Qais Al-Na’amneh, Hasan Gharaibeh, and Rabia Emhamed Al Mamlook. Genetic optimization techniques for enhancing web attacks classification in machine learning. In 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pages 0130–0136. IEEE, 2023.
  13. Dena Abu Laila, Qais Al-Na’amneh, Mohammad Aljaidi, Ahmad Nawaf Nasayreh, Hasan Gharaibeh, Rabia Al Mamlook, and Mohammed Alshammari. Simulation of routing protocols for jamming attacks in mobile ad-hoc network. In Risk Assessment and Countermeasures for Cybersecurity, pages 235–252. IGI Global, 2024.
  14. Saydul Akbar Murad, Abu Jafar Md Muzahid, Zafril Rizal M Azmi, Md Imdadul Hoque, and Md Kowsher. A review on job scheduling technique in cloud computing and priority rule based intelligent framework. Journal of King Saud University-Computer and Information Sciences, 34(6):2309–2331, 2022.
  15. Hamza Nasir, Azeem Ayaz, Shahzmaan Nizamani, Saima Siraj, Shahid Iqbal, and M Kamran Abid. Cloud computing security via intelligent intrusion detection mechanisms. International Journal of Information Systems and Computer Technologies, 3(1):84–92, 2024.
  16. Sunil Kumar Parisa and Somnath Banerjee. Ai-enabled cloud security solutions: A comparative review of traditional vs. next-generation approaches. International Journal of Statistical Computation and Simulation, 16(1), 2024.
  17. Uma Rani, Surjeet Dalal, and Jugnesh Kumar. Optimizing performance of fuzzy decision support system with multiple parameter dependency for cloud provider evaluation. Int. J. Eng. Technol, 7(1.2):61–65, 2018.
  18. Jomina John and K John Singh. Trust value evaluation of cloud service providers using fuzzy inference based analytical process. Scientific Reports, 14(1):18028, 2024.
  19. Vijay Ramamoorthi. Anomaly detection and automated mitigation for microservices security with ai. Applied Research in Artificial Intelligence and Cloud Computing, 7(6):211–222, 2024.
  20. Monika Mehata. Dynamic zero trust access control: Fortifying security in mobile-cloud environment. Master’s thesis, Youngstown State University, 2025.
  21. Ivan Parkhomenko, Larysa Myrutenko, Roman Ohiievych, and Mykhailo Savonik. Using zero trust principles for detecting authorization attacks in cloud environments. 2024.
  22. Himadri Shekhar Mondal, Md Tariq Hasan, Md Bellal Hossain, Md Ekhlasur Rahaman, and Rabita Hasan. Enhancing secure cloud computing environment by detecting ddos attack using fuzzy logic. In 2017 3rd international conference on electrical information and communication technology (EICT), pages 1–4. IEEE, 2017.
  23. Diwakar Chaudhary, SK Verma, Vijay Mohan Shrimal, Ravikiran Madala, Rashi Baliyan, et al. Ai-based methods to detect and counter cyber threats in cloud environments to strengthen cloud security. In 2024 International Conference on Electrical Electronics and Computing Technologies (ICEECT), volume 1, pages 1–6. IEEE, 2024.
  24. Sudakshina Mandal, Danish Ali Khan, and Sarika Jain. Cloud-based zero trust access control policy: an approach to support work-from-home driven by covid-19 pandemic. new generation computing, 39(3):599–622, 2021.
  25. Somnath Banerjee, Pawan Whig, and Sunil Kumar Parisa. Cybersecurity in multi-cloud environments for retail: An AI-based threat detection and response framework. Transaction on Recent Developments in Industrial IoT, 16 (16), 2024.
  26. Quan Shen and Yanming Shen. Endpoint security reinforcement via integrated zero-trust systems: A collaborative approach. Computers & Security, 136:103537, 2024.
  27. Chirag N Modi and Kamatchi Acha. Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review. the Journal of Supercomputing, 73(3):1192–1234, 2017.
  28. Lewis Golightly, Paolo Modesti, Remi Garcia, and Victor Chang. Securing distributed systems: A survey on´ access control techniques for cloud, blockchain, iot and sdn. Cyber Security and Applications, 1:100015, 2023.
  29. Mohammad Amin Hatef, Vahid Shaker, Mohammad Reza Jabbarpour, Jason Jung, and Houman Zarrabi. Hidcc: A hybrid intrusion detection approach in cloud computing. Concurrency and Computation: Practice and Experience, 30(3):e4171, 2018.
  30. Lokesh B Bhajantri and Tabassum Mujawar. A survey of cloud computing security challenges, issues and their countermeasures. In 2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), pages 376–380. IEEE, 2019.
  31. Naresh Kumar Sehgal, Pramod Chandra P Bhatt, and John M Acken. Future trends in cloud computing. In Cloud computing with security and scalability. concepts and practices, pages 289–317. Springer, 2022.
  32. Omer Aslan, Merve Ozkan-Okay, and Deepti Gupta. Intelligent behavior-based malware detection system on¨ cloud computing environment. IEEE Access, 9:83252–83271, 2021.
  33. Jibu K Samuel, Mahima Thankam Jacob, Melvin Roy, Sayoojya PM, and Anu Rose Joy. Intelligent malware detection system based on behavior analysis in cloud computing environment. In 2023 International Conference on Circuit Power and Computing Technologies (ICCPCT), pages 109–113. IEEE, 2023.
  34. Muzammil Ahmad Khan, Shariq Mahmood Khan, and Siva Kumar Subramaniam. Secured dynamic request scheduling and optimal csp selection for analyzing cloud service performance using intelligent approaches. IEEE Access, 11:140914–140933, 2023.
  35. Mufti Mahmud, M Shamim Kaiser, M Mostafizur Rahman, M Arifur Rahman, Antesar Shabut, Shamim AlMamun, and Amir Hussain. A brain-inspired trust management model to assure security in a cloud based iot framework for neuroscience applications. Cognitive Computation, 10:864–873, 2018.
  36. Matin Chiregi and Nima Jafari Navimipour. A comprehensive study of the trust evaluation mechanisms in the cloud computing. Journal of Service Science Research, 9:1–30, 2017.
  37. M Arunkumar and K Ashok Kumar. Malicious attack detection approach in cloud computing using machine learning techniques. Soft Computing, 26(23):13097–13107, 2022.
  38. Faheem Raza and Nasir Hussain. Ai-infused dspm for cloud security: Machine learning-based anomaly detection solutions. 2023.
  39. Sunil Kumar Parisa, Somnath Banerjee, and Pawan Whig. Ai-driven zero trust security models for retail cloud infrastructure: A next-generation approach. International Journal of Sustainable Development in field of IT, 15 (15), 2023.
  40. Behnam Mohammad Hasani Zade, Najme Mansouri, and Mohammad Masoud Javidi. Saea: A security-aware and energy-aware task scheduling strategy by parallel squirrel search algorithm in cloud environment. Expert Systems with Applications, 176:114915, 2021.
  41. Femi Emmanuel Ayo, Sakinat Oluwabukonla Folorunso, Adebayo A Abayomi-Alli, Adebola Olayinka Adekunle, and Joseph Bamidele Awotunde. Network intrusion detection based on deep learning model optimized with rule-based hybrid feature selection. Information Security Journal: A Global Perspective, 29(6): 267–283, 2020.
  42. Shekha Chenthara, Khandakar Ahmed, Hua Wang, and Frank Whittaker. Security and privacy-preserving challenges of e-health solutions in cloud computing. IEEE access, 7:74361–74382, 2019.
  43. Himanshu Kale, Pravin Nerkar, and Rupesh Hushangabade. Design of model for data security in cloud computing environment.
  44. Charlotte Muller and Niklas Wagner. Machine learning in cloud security: Enhancing anomaly detection and¨ response. Eastern-European Journal of Engineering and Technology, 3(1):42–50, 2024.
  45. S Priya and RS Ponmagal. Trust based reputation framework for data center security in cloud computing environment. In 2023 7th International Conference on Computing Methodologies and Communication (ICCMC), pages 1041–1047. IEEE, 2023.
  46. Roberto F Mercado. Identifying the advantages of zero-trust architecture in the cloud environment. Master’s thesis, Utica University, 2022.
  47. Qais Al-Na’amneh, Mahmoud Aljawarneh, Rahaf Hazaymih, Laith Alzboon, Dena Abu Laila, and Sahel Albawaneh. Trust evaluation enhancing security in the cloud market based on trust framework using metric parameter selection. 2025.
  48. Qais Al-Na’amneh, Mohammad Aljaidi, Ahmad Nasayreh, Hasan Gharaibeh, Al Mamlook, Rabia Emhamed, Ameera S Jaradat, Ayoub Alsarhan, and Ghassan Samara. Journal of intelligent systems: Enhancing IoT device security: Cnn-svm hybrid approach for real-time detection of dos and DDoS attacks. 2024.
  49. Mohammad Aljaidi, Ayoub Alsarhan, Dimah Al-Fraihat, Ahmed Al-Arjan, Bashar Igried, Subhieh M El-Salhi, Muhammad Khalid, and Qais Al-Na’amneh. Cybersecurity threats in the era of ai: Detection of phishing domains through classification rules. In 2023 2nd International Engineering Conference on Electrical, Energy, and Artificial Intelligence (EICEEAI), pages 1–6. IEEE, 2023.
  50. Qais Al-Na’amneh, Mahmoud Aljawarneh, Rahaf Hazaymih, and Rabia Emhamed Al Mamlook. Ethical issues in cyber-security for autonomous vehicles (AV) and automated driving: A comprehensive review. Utilizing AI in Network and Mobile Security for Threat Detection and Prevention, pages 173–196, 2025.
  51. Qais Al-Na’amneh, Mohammad Aljaidi, Hasan Gharaibeh, Ahmad Nasayreh, Rabia Emhamed Al Mamlook, Sattam Almatarneh, Dalia Alzu’bi, and Abla Suliman Husien. Feature selection for robust spoofing detection: A chi-square-based machine learning approach. In 2023 2nd International Engineering Conference on Electrical, Energy, and Artificial Intelligence (EICEEAI), pages 1–7. IEEE, 2023.