Intruder Detection through Pattern Matching and Provenance Driven Data Recovery

Intruder detection and recovering tampered data is challenging enough without the added complexity of the cloud or the forthcoming EU General Data Protection Regulation (GDPR), which will put greater pressure on companies to strengthen their cyber security or potentially face large fines. Intruder breach reporting and forensic analysis needs to drastically improve in order to avoid these potentially catastrophic fines. We conducted a conceptual exploration of intruder detection and data recovery methods. This paper aims to encourage further research for effective cloud security assurance with a focus on increased protection from tough legislation, such as complying with the forthcoming GDPR. We propose a framework which uses pattern matching to identify tampered data, provenance models for data assurance and audit trails to recover original data.