Towards Privacy-Aware Causal Inference in Cloud Security: Detecting Hidden Threat Paths in Multi-Cloud Ecosystems

Abstract

The growing adoption of multi-cloud ecosystems has revolutionized the delivery of computing resources, offering flexibility, scalability, and resilience. However, this distributed architecture introduces significant challenges for security monitoring, particularly in detecting stealthy or hidden threat paths that traverse across heterogeneous platforms. Traditional rule-based intrusion detection and anomaly detection frameworks often fail to uncover complex interdependencies across cloud services, leaving organizations vulnerable to advanced persistent threats (APTs). This research proposes a privacy-aware causal inference framework designed to detect hidden threat paths in multi-cloud environments by modeling causal dependencies within anonymized or obfuscated logs. The approach leverages graph-based causal reasoning combined with privacy-preserving techniques to balance security observability with user data confidentiality. Experimental validation conducted using obfuscated CloudTrail and Azure Activity logs demonstrates that the proposed method achieves high detection accuracy while reducing the risk of privacy leakage. Comparative results against conventional anomaly detection methods reveal superior performance in terms of precision, recall, and explainability. The findings highlight the potential of privacy-aware causal inference to transform cloud security by enabling transparent, robust, and accountable threat detection in complex, distributed infrastructures.