Alleviating Internal Data Theft Attacks by Decoy Technology in Cloud?

Cloud Computing enables several users to share common computing resources, and to access and store their personal and business information. The accessing includes so many things as well as can keep their private and industrial information. These new thoughts and innovations have pro’s at the same time con’s too. And there is new security challenges has been a raised. The increase in the number of cloud users are from the World Wide Web users means of internet. The users who have prospective valid credentials which contain username and password are treated as insiders. In security perspective, all the remote users are known as attackers. Some active security mechanisms fails to prevent data theft attacks and it should make sure that the remote user is not an attacker. We propose a new approach for securing data in the cloud by using user profiling and provoking decoy technology. When an unauthorized access is assumed and then confirmed using various challenge questions, we initiate a disinformation attack by returning huge amount of decoy information to the attacker. This approach protects against the misuse of the original user data. When a decoy document is loaded into memory, we authenticate whether the document is a decoy document by computing an HMAC based on all the contents of that document.