Multi-defense Framework for Mitigating Man in the Cloud Attack (MitC)

Prabakeran Saravanan*, K. Swarnapriya **, Remina Agnes Priscilla ***
*-***Department of Computer Science & Engineering, K. C. G College of Technology, Chennai, Tamilnadu, India.
Periodicity:June - August'2019


Cloud computing is the technology of forming a network of remote servers hosted on the Internet to manage process and store data. This technology has its own drawback from the security point of view. This research work aims to address the most recent attack called the man in the cloud attack and the possible solution to overcome it. The attack is tried to be defended at multilevel, so that we can protect our system to the at most level. The first level is to notify the user by detecting the phishing sites, through which the malware is sent into the user's system. At the second level, the user's token id is encrypted, so that the switching of credentials can be avoided.


Man in the Cloud (MITC) Attack, Cloud Computing, Switcher, Tokens, Random Forest Algorithm, RSA, IDEA.

How to Cite this Article?

Saravanan, P., Swarnapriya, K., Priscilla, R. A.(2019). Multi-defense Framework for Mitigating Man in the Cloud Attack (MitC), i-manager's Journal on Computer Science, 7(2), 8-18.


[1]. Chennam, K. K., Muddana, L., & Aluvalu, R. K. (2017, May). Performance analysis of various encryption algorithms for usage in multistage encryption for securing data in cloud. In 2017 2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT) (pp. 2030-2033). IEEE.
[2]. Dataaspirant. (2017). The Random Forest Algorithm works in machine learning. Retrieved from machine-learing/
[3]. Github. (n.d). frankosterfeld/qtkeychain: Platform-independent QtAPI for storing passwords securely. Retrieved from feld/ qtkeychain
[4]. Guleria, S., & Vatta, D. S. (2013). To enhance multimedia security in cloud computing environment using crossbreed algorithm. International Journal of Application or Innovation in Engineering and Management (IJAIEM), 2(6), 562-568.
[5]. Imperva, (n.d). Man in the Cloud (MITC) Attack. Retrieved from In_The_Cloud_Attacks.pdf
[6]. Islam, M., & Chowdhury, N. K. (2016). Phishing websites detection using machine learning based classification techniques. In 1st International Conference on Advanced Information and Communication Technology.
[7]. James, J., Sandhya, L., & Thomas, C. (2013, December). Detection of phishing URLs using machine learning techniques. In 2013 International Conference on Control Communication and Computing (ICCC) (pp. 304-309). IEEE.
[8]. Kao, C. H., Dai, J. H., Ko, R., Kuang, Y. T., Lai, C. P., & Mao, C. H. (2016, December). MITC Viz: Visual Analytics for Man-in-the-Cloud Threats Awareness. In 2016 International Computer Symposium (ICS) (pp. 306-311). IEEE.
[9]. Khan, N., & Al-Yasiri, A. (2016). Identifying cloud security threats to strengthen cloud computing adoption framework. Procedia Computer Science, 94, 485-490.
[10]. Liang, X., Shetty, S., Zhang, L., Kamhoua, C., & Kwiat, K. (2017, June). Man In The Cloud (MITC) defender: Sgxbased user credential protection for synchronization applications in cloud computing platform. In 2017 IEEE 10th International Conference on Cloud Computing (CLOUD) (pp. 302-309). IEEE.
[11]. OneConnect. (2017). Prevention of Man in the Cloud (MITC) Attack. Retrieved from
[12]. OwnCloud (2019). The last cloud collaboration platform you'll ever need. Retrieved from https://own
[13]. Ramachandran, M. (2016). Software security requirements management as an emerging cloud computing service. International Journal of Information Management, 36(4), 580-590.
[14]. Saravanan, P., Sethukarasi, T., & Indumathi, V. (2018a). An efficient software defined network based cooperative scheme for mitigation of Distributed Denial of Service (DDoS) Attacks. Journal of Computational and Theoretical Nanoscience, 15(6-7), 2221-2226.
[15]. Saravanan, P., Sethukarasi, T., & Indumathi, V. (2018b). authentic novel trust propagation model with deceptive recommendation penalty scheme for distributed Denial of Service attacks. Journal of Computational and Theoretical Nanoscience, 15(6-7), 2383-2389.
[16]. Saravanan, P., Sethukarasi, T., & Indumathi, V. (2018c). Two level trust propagation model with global weighted index for detecting and mitigating denial of service. TAGA Journal of Graphic Technology, 14, 2491- 2504.
[17]. Saravanan, P., & Sethukarasi, T. (2019). Optimal hop selection based novel trust based DDoS attack removal framework for reliable and secured transmission of data in VANETs. Wireless Personal Communications, 1-29.
[18]. Seahorse. (2005). A gnome encryption interface. Retrieved from
[19]. Shahzad, F. (2014). State-of-the-art survey on cloud computing security challenges, approaches and solutions. Procedia Computer Science, 37, 357-362.
[20]. Singh, A. P., & Pasupuleti, S. K. (2016). Optimized public auditing and data dynamics for data storage security in cloud computing. Procedia Computer Science, 93, 751-759.
[21]. Suguna, M., Anusia, R., Shalinie, S. M., & Deepti, S. (2017, March). Secure identity management in mobile cloud computing. In 2017 International Conference on Nextgen Electronic Technologies: Silicon to Software (ICNETS2) (pp. 42-45). IEEE.
[22]. UCI. (2007). Machine Learning Repository. Retrieved from
[23]. Wang, Q., Wang, C., Ren, K., Lou, W., & Li, J. (2011). Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Transactions on Parallel and Distributed Systems, 22(5), 847-859.
[24]. Zimba, A., Hongsong, C., & Zhaoshun, W. (2016, October). Attack tree analysis of Man in the Cloud attacks on client device synchronization in cloud computing. In 2016 2nd IEEE International Conference on Computer and Communications (ICCC) (pp. 2702-2706). IEEE.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
Pdf 35 35 200 20
Online 35 35 200 15
Pdf & Online 35 35 400 25

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.