A Survey for Cloud Application Programming Interface Security: Threats and Protection br

n the cloud era, cloud Application Programming Interface (API) is the best carrier for servicedelivery, capability replication and data output. However, cloud API increases the exposure and attack surfaceof cloud application while opening up services and data. Through data hijacking, traffic analysis and othertechnologies, attackers can obtain the key resources of the target cloud API, so as to identify the identity andbehavior of users, or even directly cause the paralysis of the underlying system. Currently, there are many typesof attacks against cloud APIs, and their threats and protection methods are different. However, the existingresearches lack a systematic summary for cloud API attack and protection methods. In this paper, a detailsurvey on the threats and protection methods faced by cloud API is conducted. Firstly, the evolution and theclassification of cloud API are analyzed. The vulnerability of cloud API and the importance of cloud APIsecurity research are then discussed. Furthermore, a systematical cloud API security research framework isproposed, which covers six aspects: identity authentication, cloud API Distributed Denial of Service (DDoS)attack protection, replay attack protection, Man-In-The-Middle (MITM) attack protection, injection attackprotection and sensitive data protection. In addition, the necessity of Artificial Intelligence (AI) protection forcloud API is discussed. Finally, the future challenges and development trends of cloud API protection are presented