Intensify Cloud Security and Privacy Against Phishing Attacks

The world of computation has shifted from centralized (client-server, not web-based) to distributed systems during the last three decades. We are now reverting to virtual centralization, i.e., Cloud Computing (CC). The location of data and processes makes all the difference. On the one hand, a person has complete control over the data and operations in their computer. Cloud computing involves a vendor providing service and data upkeep. At the same time, the client or customer is ignorant of where the processes are operating. As a result, the client does not influence it and doesn't have the right to do it. The internet is used as a communication medium for CC. When it comes to data security in cloud computing, the vendor must guarantee service level agreements (SLAs) to persuade the client. Organizations that utilize CC as a service architecture are keen to look into security and confidentiality concerns for their mission-critical and non-sensitive applications. However, because they provide various services such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS), ensuring the security of business data in the "Cloud" is challenging. Each service has its own set of security concerns. As a result, the SLA must define several degrees of security and their complexity depending on the benefits for the client to comprehend the security rules in place. Phishing is a social engineering assault frequently used to obtain user information, such as login passwords and credit card details. It happens when an attacker poses as a trustworthy entity and tricks the victim into opening an email, instant message, or text message. In this research paper, the methodology that tries to identify the phishing attack in the Cloud ecosystem has been explored and mentioned to minimize the attacks to increase the Cloud trust level. The approach used here classifies the malicious and non-malicious URLs with an accuracy of 92.89%. The experimental setup and its outcome prove suitable for identifying the fishing attacks in the cloud ecosystem.