The Repository @ St. Cloud State

Open Access Knowledge and Scholarship

Date of Award

12-2022

Culminating Project Type

Thesis

Styleguide

apa

Degree Name

Information Assurance: M.S.

Department

Information Assurance and Information Systems

College

Herberger School of Business

First Advisor

Lynn Collen

Second Advisor

Jim Q. Chen

Third Advisor

Akalanka Mailewa

Fourth Advisor

Abdullah Abu Hussein

Creative Commons License

This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Keywords and Subject Headings

Artificial Intelligence, Bot, Machine Learning, Phishing, Ransomware, Spyware, Trojans, Virus, Vulnerabilities, Worms

Abstract

During the COVID-19 pandemic, when most businesses were not equipped for remote work and cloud computing, we saw a significant surge in ransomware attacks. This study aims to utilize machine learning and artificial intelligence to prevent known and unknown malware threats from being exploited by threat actors when developers build and deploy applications to the cloud. This study demonstrated an experimental quantitative research design using Aqua. The experiment's sample is a Docker image. Aqua checked the Docker image for malware, sensitive data, Critical/High vulnerabilities, misconfiguration, and OSS license. The data collection approach is experimental. Our analysis of the experiment demonstrated how unapproved images were prevented from running anywhere in our environment based on known vulnerabilities, embedded secrets, OSS licensing, dynamic threat analysis, and secure image configuration. In addition to the experiment, the forensic data collected in the build and deployment phase are exploitable vulnerability, Critical/High Vulnerability Score, Misconfiguration, Sensitive Data, and Root User (Super User). Since Aqua generates a detailed audit record for every event during risk assessment and runtime, we viewed two events on the Audit page for our experiment. One of the events caused an alert due to two failed controls (Vulnerability Score, Super User), and the other was a successful event meaning that the image is secure to deploy in the production environment. The primary finding for our study is the forensic data associated with the two events on the Audit page in Aqua. In addition, Aqua validated our security controls and runtime policies based on the forensic data with both events on the Audit page. Finally, the study’s conclusions will mitigate the likelihood that organizations will fall victim to ransomware by mitigating and preventing the total damage caused by a malware attack.

Comments/Acknowledgements

First and foremost, I thank Allah (S.W.T.) for showering his blessings throughout my master’s thesis. Second, I want to express my deep gratitude to my thesis supervisor Professor Collen Lynn A., for her continuous support of my master’s study and related research. Most importantly, her patience, motivation, and knowledge guided me throughout the research. To Professor Jim Chen, Abu Hussein Abdullah, and Akalanka, thank you for the positive feedback to ensure I complete my research quickly. Everyone significantly influenced my career achievement and encouraged me to study and grow.

Finally, I am incredibly thankful to my parents for their unconditional love, prayers, and sacrifice. My parents have always encouraged me to be a leader and think for myself. My wife deserves special gratitude for understanding and encouraging me to finish my master’s thesis.
