Comparison of proposed CWPP with existing research approaches

| Metric | Existing CWPP-A [24] | Existing CWPP-B [25] | Proposed CWPP framework |
|---|---|---|---|
| Threat detection accuracy (%) | 82.4 | 86.1 | 94.7 |
| False positive rate (%) | 9.5 | 7.8 | 3.2 |
| Average response time (ms) | 620 | 480 | 310 |
| Policy adaptation time (ms) | 750 | 540 | 320 |
| CPU utilization (%) | 42 | 38 | 33 |
| Memory utilization (%) | 48 | 44 | 36 |

Comparative table: Traditional CWPP vs AI-enhanced CWPP vs proposed CWPP

| Feature | Traditional CWPPs | AI-enhanced CWPPs | Proposed CWPP framework |
|---|---|---|---|
| Deployment model | Static, single-cloud | Hybrid/multicloud (limited support) | Fully hybrid and multicloud optimized |
| Threat intelligence | Static signatures, manual updates | Some support for dynamic feeds | Real-time dynamic threat feeds + ML-based anomaly detection |
| Policy enforcement | Rule-based, manually triggered | Semi-automated | Fully adaptive, real-time policy enforcement |
| Cryptographic integration | AES/RSA-based (general) | Not typically integrated | ECC-based HE for secure key management |
| Automation level | Minimal | Moderate | High automation with minimal manual intervention |
| Integration with legacy systems | Poor | Moderate | Seamless integration supported |
| Scalability (multicloud) | Limited | Moderate | Highly scalable with data-aware orchestration |
| False positive management | High | Improved with ML | Reduced significantly via contextual intelligence |
| Test environment | Simulated (CloudSim or similar) | Mostly testbed or emulated | Real-time deployment on AWS and SSD Nodes |
| Evaluation metrics used | Limited (qualitative or basic) | Some quantitative analysis | Comprehensive (detection accuracy, response time, etc.) |

Terms and explanations

| Term | Explanation |
|---|---|
| CWPP | Cloud Workload Protection Platform; secures workloads, such as VMs, containers, and serverless functions, across any cloud. |
| CSPM | Cloud Security Posture Management; identifies misconfigurations and compliance issues in cloud infrastructure. |
| Cloud Workloads | Applications, services, or processes running on cloud infrastructure, often distributed across locations. |
| Orchestration | Automated coordination and management of cloud resources, services, and workloads for efficiency and scalability. |
| Hybrid cloud | A mix of on-premises infrastructure and public/private cloud services, working together seamlessly. |
| Multicloud | Use of multiple cloud service providers to avoid vendor lock-in and enhance flexibility and reliability. |
| Multitenant | A single cloud environment serving multiple customers (tenants) with shared infrastructure but isolated data. |
| Single-tenant | A dedicated cloud environment for one customer, offering better control and data isolation. |
| Zero trust | A security model where no entity is trusted by default, requiring continuous verification of identity and access. |