Biblio

Found 897 results

Filters: Keyword is cloud computing  [Clear All Filters]
2021-08-02
Magdy, Yousra, Kashkoush, Mona S., Azab, Mohamed, Rizk, Mohamed R. M..  2020.  Anonymous blockchain Based Routing For Moving-target Defense Across Federated Clouds. 2020 IEEE 21st International Conference on High Performance Switching and Routing (HPSR). :1—7.
Cloud federation is the evolution of modern cloud computing. It provides better resource-sharing, perfect resource-utilization, and load-balancing. However, the heterogeneity of security policies and configurations between cloud service providers makes it hard for users to totally trust them. Further, the severe impact of modern cloud attacks such as cross-side channels on federated environments is a major roadblock against such evolution. Securing users' capsules (Virtual Machines and containers) against cross-side channel attacks is considered as a big challenge to cloud service providers. Moving-target Defense (MtD) by live capsule migration was introduced as an effective mechanism to overcome such challenge. However, researchers noted that even with MtD, migrated capsules can still be tracked via routing information. In this paper, we propose a novel Blockchain-based routing mechanism to enable trace-resistant Moving-target Defence (BMtD) to enable anonymous live cross-cloud migrations of running capsules in federated cloud environments. Exploiting the Vulnerable, Exposed, Attacked, Recovered (VEAR) model, simulation results demonstrated the effectiveness of BMtD in minimizing viral attack dispersion.
2021-04-27
Niu, S., Chen, L., Liu, W..  2020.  Attribute-Based Keyword Search Encryption Scheme with Verifiable Ciphertext via Blockchains. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:849–853.
In order to realize the sharing of data by multiple users on the blockchain, this paper proposes an attribute-based searchable encryption with verifiable ciphertext scheme via blockchain. The scheme uses the public key algorithm to encrypt the keyword, the attribute-based encryption algorithm to encrypt the symmetric key, and the symmetric key to encrypt the file. The keyword index is stored on the blockchain, and the ciphertext of the symmetric key and file are stored on the cloud server. The scheme uses searchable encryption technology to achieve secure search on the blockchain, uses the immutability of the blockchain to ensure the security of the keyword ciphertext, uses verify algorithm guarantees the integrity of the data on the cloud. When the user's attributes need to be changed or the ciphertext access structure is changed, the scheme uses proxy re-encryption technology to implement the user's attribute revocation, and the authority center is responsible for the whole attribute revocation process. The security proof shows that the scheme can achieve ciphertext security, keyword security and anti-collusion. In addition, the numerical results show that the proposed scheme is effective.
2021-05-13
Whaiduzzaman, Md, Oliullah, Khondokar, Mahi, Md. Julkar Nayeen, Barros, Alistair.  2020.  AUASF: An Anonymous Users Authentication Scheme for Fog-IoT Environment. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—7.
Authentication is a challenging and emerging issue for Fog-IoT security paradigms. The fog nodes toward large-scale end-users offer various interacted IoT services. The authentication process usually involves expressing users' personal information such as username, email, and password to the Authentication Server (AS). However, users are not intended to express their identities or information over the fog or cloud servers. Hence, we have proposed an Anonymous User Authentication Scheme for Fog-IoT (AUASF) to keep the anonymity existence of the IoT users and detect the intruders. To provide anonymity, the user can send encrypted credentials such as username, email, and mobile number through the Cloud Service Provider (CSP) for registration. IoT user receives the response with a default password and a secret Id from the CSP. After that, the IoT user submits the default password for first-time access to Fog Service Provider (FSP). The FSP assigns a One Time Password (OTP) to each user for further access. The developed scheme is equipped with hash functions, symmetric encryptions, and decryptions for security perceptions across fog that serves better than the existing anonymity schemes.
2021-04-27
Ti, Y., Wu, C., Yu, C., Kuo, S..  2020.  Benchmarking Dynamic Searchable Symmetric Encryption Scheme for Cloud-Internet of Things Applications. IEEE Access. 8:1715–1732.
Recently, the rapid development of Internet of things (IoT) has resulted in the generation of a considerable amount of data, which should be stored. Therefore, it is necessary to develop methods that can easily capture, save, and modify these data. The data generated using IoT contain private information; therefore sufficient security features should be incorporated to ensure that potential attackers cannot access the data. Researchers from various fields are attempting to achieve data security. One of the major challenges is that IoT is a paradigm of how each device in the Internet infrastructure is interconnected to a globally dynamic network. When searching in dynamic cloud-stored data, sensitive data can be easily leaked. IoT data storage and retrieval from untrusted cloud servers should be secure. Searchable symmetric encryption (SSE) is a vital technology in the field of cloud storage. SSE allows users to use keywords to search for data in an untrusted cloud server but the keywords and the data content are concealed from the server. However, an SSE database is seldom used by cloud operators because the data stored on the cloud server is often modified. The server cannot update the data without decryption because the data are encrypted by the user. Therefore, dynamic SSE (DSSE) has been developed in recent years to support the aforementioned requirements. Instead of decrypting the data stored by customers, DSSE adds or deletes encrypted data on the server. A number of DSSE systems based on linked list structures or blind storage (a new primitive) have been proposed. From the perspective of functionality, extensibility, and efficiency, these DSSE systems each have their own advantages and drawbacks. The most crucial aspect of a system that is used in the cloud industry is the trade-off between performance and security. Therefore, we compared the efficiency and security of multiple DSSE systems and identified their shortcomings to develop an improved system.
2021-02-16
Kriaa, S., Papillon, S., Jagadeesan, L., Mendiratta, V..  2020.  Better Safe than Sorry: Modeling Reliability and Security in Replicated SDN Controllers. 2020 16th International Conference on the Design of Reliable Communication Networks DRCN 2020. :1—6.
Software-defined networks (SDN), through their programmability, significantly increase network resilience by enabling dynamic reconfiguration of network topologies in response to faults and potentially malicious attacks detected in real-time. Another key trend in network softwarization is cloud-native software, which, together with SDN, will be an integral part of the core of future 5G networks. In SDN, the control plane forms the "brain" of the software-defined network and is typically implemented as a set of distributed controller replicas to avoid a single point of failure. Distributed consensus algorithms are used to ensure agreement among the replicas on key data even in the presence of faults. Security is also a critical concern in ensuring that attackers cannot compromise the SDN control plane; byzantine fault tolerance algorithms can provide protection against compromised controller replicas. However, while reliability/availability and security form key attributes of resilience, they are typically modeled separately in SDN, without consideration of the potential impacts of their interaction. In this paper we present an initial framework for a model that unifies reliability, availability, and security considerations in distributed consensus. We examine – via simulation of our model – some impacts of the interaction between accidental faults and malicious attacks on SDN and suggest potential mitigations unique to cloud-native software.
2021-04-27
Tsai, W., Chou, T., Chen, J., Ma, Y., Huang, C..  2020.  Blockchain as a Platform for Secure Cloud Computing Services. 2020 22nd International Conference on Advanced Communication Technology (ICACT). :155—158.
Problems related to privacy and cyber-attacks have increased in recent years as a result of the rapid development of cloud computing. This work concerns secure cloud computing services on a blockchain platform, called cloud@blockchain, which benefit from the anonymity and immutability of blockchain. Two functions- anonymous file sharing and inspections to find illegally uploaded files- on cloud@blockchain are designed. On cloud@blockchain, cloud users can access data through smart contracts, and recognize all users within the application layer. The performance of three architectures- a pure blockchain, a hybrid blockchain with cache and a traditional database in accessing data is analyzed. The results reveal the superiority of the hybrid blockchain with the cache over the pure blockchain and the traditional database, which it outperforms by 500% and 53.19%, respectively.
2021-09-07
Fernando, Praveen, Wei, Jin.  2020.  Blockchain-Powered Software Defined Network-Enabled Networking Infrastructure for Cloud Management. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–6.
Cloud architecture has become a valuable solution for different applications, such as big data analytics, due to its high degree of availability, scalability and strategic value. However, there still remain challenges in managing cloud architecture, in areas such as cloud security. In this paper, we exploit software-defined networking (SDN) and blockchain technologies to secure cloud management platforms from a networking perspective. We develop a blockchain-powered SDN-enabled networking infrastructure in which the integration between blockchain-based security and autonomy management layer and multi-controller SDN networking layer is defined to enhance the integrity of the control and management messages. Furthermore, our proposed networking infrastructure also enables the autonomous bandwidth provisioning to enhance the availability of cloud architecture. In the simulation section, we evaluate the performance of our proposed blockchain-powered SDN-enabled networking infrastructure by considering different scenarios.
2020-12-21
Huang, H., Zhou, S., Lin, J., Zhang, K., Guo, S..  2020.  Bridge the Trustworthiness Gap amongst Multiple Domains: A Practical Blockchain-based Approach. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1–6.
In isolated network domains, global trustworthiness (e.g., consistent network view) is critical to the multiple-domain business partners who aim to perform the trusted corporations depending on each isolated network view. However, to achieve such global trustworthiness across distributed network domains is a challenge. This is because when multiple-domain partners are required to exchange their local domain views with each other, it is difficult to ensure the data trustworthiness among them. In addition, the isolated domain view in each partner is prone to be destroyed by malicious falsification attacks. To this end, we propose a blockchain-based approach that can ensure the trustworthiness among multiple-party domains. In this paper, we mainly present the design and implementation of the proposed trustworthiness-protection system. A cloud-based prototype and a local testbed are developed based on Ethereum. Finally, experimental results demonstrate the effectiveness of the proposed prototype and testbed.
2021-03-15
Azahari, A. M., Ahmad, A., Rahayu, S. B., Halip, M. H. Mohamed.  2020.  CheckMyCode: Assignment Submission System with Cloud-Based Java Compiler. 2020 8th International Conference on Information Technology and Multimedia (ICIMU). :343–347.
Learning programming language of Java is a basic part of the Computer Science and Engineering curriculum. Specific Java compiler is a requirement for writing and convert the writing code to executable format. However, some local installed Java compiler is suffering from compatibility, portability and storage space issues. These issues sometimes affect student-learning interest and slow down the learning process. This paper is directed toward the solution for such problems, which offers a new programming assignment submission system with cloud-based Java compiler and is known as CheckMyCode. Leveraging cloud-computing technology in terms of its availability, prevalence and affordability, CheckMyCode implements Java cloud-based programming compiler as a part of the assignment management system. CheckMyCode system is a cloud-based system that allows both main users, which are a lecturer and student to access the system via a browser on PC or smart devices. Modules of submission assignment system with cloud compiler allow lecturer and student to manage Java programming task in one platform. A framework, system module, main user and feature of CheckMyCode are presented. Also, taking into account are the future study/direction and new enhancement of CheckMyCode.
2021-03-01
Raj, C., Khular, L., Raj, G..  2020.  Clustering Based Incident Handling For Anomaly Detection in Cloud Infrastructures. 2020 10th International Conference on Cloud Computing, Data Science Engineering (Confluence). :611–616.
Incident Handling for Cloud Infrastructures focuses on how the clustering based and non-clustering based algorithms can be implemented. Our research focuses in identifying anomalies and suspicious activities that might happen inside a Cloud Infrastructure over available datasets. A brief study has been conducted, where a network statistics dataset the NSL-KDD, has been chosen as the model to be worked upon, such that it can mirror the Cloud Infrastructure and its components. An important aspect of cloud security is to implement anomaly detection mechanisms, in order to monitor the incidents that inhibit the development and the efficiency of the cloud. Several methods have been discovered which help in achieving our present goal, some of these are highlighted as the following; by applying algorithm such as the Local Outlier Factor to cancel the noise created by irrelevant data points, by applying the DBSCAN algorithm which can detect less denser areas in order to identify their cause of clustering, the K-Means algorithm to generate positive and negative clusters to identify the anomalous clusters and by applying the Isolation Forest algorithm in order to implement decision based approach to detect anomalies. The best algorithm would help in finding and fixing the anomalies efficiently and would help us in developing an Incident Handling model for the Cloud.
2021-08-02
Kong, Tong, Wang, Liming, Ma, Duohe, Chen, Kai, Xu, Zhen, Lu, Yijun.  2020.  ConfigRand: A Moving Target Defense Framework against the Shared Kernel Information Leakages for Container-based Cloud. 2020 IEEE 22nd International Conference on High Performance Computing and Communications; IEEE 18th International Conference on Smart City; IEEE 6th International Conference on Data Science and Systems (HPCC/SmartCity/DSS). :794—801.
Lightweight virtualization represented by container technology provides a virtual environment for cloud services with more flexibility and efficiency due to the kernel-sharing property. However, the shared kernel also means that the system isolation mechanisms are incomplete. Attackers can scan the shared system configuration files to explore vulnerabilities for launching attacks. Previous works mainly eliminate the problem by fixing operating systems or using access control policies, but these methods require significant modifications and cannot meet the security needs of individual containers accurately. In this paper, we present ConfigRand, a moving target defense framework to prevent the information leakages due to the shared kernel in the container-based cloud. The ConfigRand deploys deceptive system configurations for each container, bounding the scan of attackers aimed at the shared kernel. In design of ConfigRand, we (1) propose a framework applying the moving target defense philosophy to periodically generate, distribute, and deploy the deceptive system configurations in the container-based cloud; (2) establish a model to formalize these configurations and quantify their heterogeneity; (3) present a configuration movement strategy to evaluate and optimize the variation of configurations. The results show that ConfigRand can effectively prevent the information leakages due to the shared kernel and apply to typical container applications with minimal system modification and performance degradation.
2021-03-22
Kellogg, M., Schäf, M., Tasiran, S., Ernst, M. D..  2020.  Continuous Compliance. 2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE). :511–523.
Vendors who wish to provide software or services to large corporations and governments must often obtain numerous certificates of compliance. Each certificate asserts that the software satisfies a compliance regime, like SOC or the PCI DSS, to protect the privacy and security of sensitive data. The industry standard for obtaining a compliance certificate is an auditor manually auditing source code. This approach is expensive, error-prone, partial, and prone to regressions. We propose continuous compliance to guarantee that the codebase stays compliant on each code change using lightweight verification tools. Continuous compliance increases assurance and reduces costs. Continuous compliance is applicable to any source-code compliance requirement. To illustrate our approach, we built verification tools for five common audit controls related to data security: cryptographically unsafe algorithms must not be used, keys must be at least 256 bits long, credentials must not be hard-coded into program text, HTTPS must always be used instead of HTTP, and cloud data stores must not be world-readable. We evaluated our approach in three ways. (1) We applied our tools to over 5 million lines of open-source software. (2) We compared our tools to other publicly-available tools for detecting misuses of encryption on a previously-published benchmark, finding that only ours are suitable for continuous compliance. (3) We deployed a continuous compliance process at AWS, a large cloud-services company: we integrated verification tools into the compliance process (including auditors accepting their output as evidence) and ran them on over 68 million lines of code. Our tools and the data for the former two evaluations are publicly available.
2021-04-27
Lekshmi, M. M., Subramanian, N..  2020.  Data Auditing in Cloud Storage using Smart Contract. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :999–1002.
In general, Cloud storage is considered as a distributed model. Here, the data is usually stored on remote servers to properly maintain, back up and make it accessible to clients over a network, whenever required. Cloud storage providers keep the data and processes to oversee it on capacity servers based on secure virtualization methods. A security framework is proposed for auditing the cloud data, which makes use of the proposed blockchain technology. This ensures to efficiently maintain the data integrity. The blockchain structure inspects the mutation of operational information and thereby ensures the data security. Usually, the data auditing scheme is widely used in a Third Party Auditor (TPA), which is a centralized entity that the client is forced to trust, even if the credibility is not guaranteed. To avoid the participation of TPA, a decentralised scheme is suggested, where it uses a smart contract for auditing the cloud data. The working of smart contracts is based on blockchain. Ethereum is used to deploy a smart contract thereby eliminating the need of a foreign source in the data auditing process.
2021-08-11
Hossain, Md. Sajjad, Bushra Islam, Fabliha, Ifeanyi Nwakanma, Cosmas, Min Lee, Jae, Kim, Dong-Seong.  2020.  Decentralized Latency-aware Edge Node Grouping with Fault Tolerance for Internet of Battlefield Things. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :420–423.
In this paper, our objective is to focus on the recent trend of military fields where they brought Internet of Things (IoT) to have better impact on the battlefield by improving the effectiveness and this is called Internet of Battlefield Things(IoBT). Due to the requirements of high computing capability and minimum response time with minimum fault tolerance this paper proposed a decentralized IoBT architecture. The proposed method can increase the reliability in the battlefield environment by searching the reliable nodes among all the edge nodes in the environment, and by adding the fault tolerance in the edge nodes will increase the effectiveness of overall battlefield scenario. This suggested fault tolerance approach is worth for decentralized mode to handle the issue of latency requirements and maintaining the task reliability of the battlefield. Our experimental results ensure the effectiveness of the proposed approach as well as enjoy the requirements of latency-aware military field while ensuring the overall reliability of the network.
2021-02-01
Sendhil, R., Amuthan, A..  2020.  A Descriptive Study on Homomorphic Encryption Schemes for Enhancing Security in Fog Computing. 2020 International Conference on Smart Electronics and Communication (ICOSEC). :738–743.
Nowadays, Fog Computing gets more attention due to its characteristics. Fog computing provides more advantages in related to apply with the latest technology. On the other hand, there is an issue about the data security over processing of data. Fog Computing encounters many security challenges like false data injection, violating privacy in edge devices and integrity of data, etc. An encryption scheme called Homomorphic Encryption (HME) technique is used to protect the data from the various security threats. This homomorphic encryption scheme allows doing manipulation over the encrypted data without decrypting it. This scheme can be implemented in many systems with various crypto-algorithms. This homomorphic encryption technique is mainly used to retain the privacy and to process the stored encrypted data on a remote server. This paper addresses the terminologies of Fog Computing, work flow and properties of the homomorphic encryption algorithm, followed by exploring the application of homomorphic encryption in various public key cryptosystems such as RSA and Pailier. It focuses on various homomorphic encryption schemes implemented by various researchers such as Brakerski-Gentry-Vaikuntanathan model, Improved Homomorphic Cryptosystem, Upgraded ElGamal based Algebric homomorphic encryption scheme, In-Direct rapid homomorphic encryption scheme which provides integrity of data.
2021-01-25
ManJiang, D., Kai, C., ZengXi, W., LiPeng, Z..  2020.  Design of a Cloud Storage Security Encryption Algorithm for Power Bidding System. 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). 1:1875–1879.
To solve the problem of poor security and performance caused by traditional encryption algorithm in the cloud data storage of power bidding system, we proposes a hybrid encryption method based on symmetric encryption and asymmetric encryption. In this method, firstly, the plaintext upload file is divided into several blocks according to the proportion, then the large file block is encrypted by symmetrical encryption algorithm AES to ensure the encryption performance, and then the small file block and AES key are encrypted by asymmetric encryption algorithm ECC to ensure the file encryption strength and the security of key transmission. Finally, the ciphertext file is generated and stored in the cloud storage environment to prevent sensitive files Pieces from being stolen and destroyed. The experimental results show that the hybrid encryption method can improve the anti-attack ability of cloud storage files, ensure the security of file storage, and have high efficiency of file upload and download.
2021-02-16
Nandi, S., Phadikar, S., Majumder, K..  2020.  Detection of DDoS Attack and Classification Using a Hybrid Approach. 2020 Third ISEA Conference on Security and Privacy (ISEA-ISAP). :41—47.
In the area of cloud security, detection of DDoS attack is a challenging task such that legitimate users use the cloud resources properly. So in this paper, detection and classification of the attacking packets and normal packets are done by using various machine learning classifiers. We have selected the most relevant features from NSL KDD dataset using five (Information gain, gain ratio, chi-squared, ReliefF, and symmetrical uncertainty) commonly used feature selection methods. Now from the entire selected feature set, the most important features are selected by applying our hybrid feature selection method. Since all the anomalous instances of the dataset do not belong to DDoS category so we have separated only the DDoS packets from the dataset using the selected features. Finally, the dataset has been prepared and named as KDD DDoS dataset by considering the selected DDoS packets and normal packets. This KDD DDoS dataset has been discretized using discretize tool in weka for getting better performance. Finally, this discretize dataset has been applied on some commonly used (Naive Bayes, Bayes Net, Decision Table, J48 and Random Forest) classifiers for determining the detection rate of the classifiers. 10 fold cross validation has been used here for measuring the robustness of the system. To measure the efficiency of our hybrid feature selection method, we have also applied the same set of classifiers on the NSL KDD dataset, where it gives the best anomaly detection rate of 99.72% and average detection rate 98.47% similarly, we have applied the same set of classifiers on NSL DDoS dataset and obtain the average DDoS detection of 99.01% and the best DDoS detection rate of 99.86%. In order to compare the performance of our proposed hybrid method, we have also applied the existing feature selection methods and measured the detection rate using the same set of classifiers. Finally, we have seen that our hybrid approach for detecting the DDoS attack gives the best detection rate compared to some existing methods.
2021-02-23
Kumar, M., Singh, A. K..  2020.  Distributed Intrusion Detection System using Blockchain and Cloud Computing Infrastructure. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :248—252.
Intrusion Detection System is a well-known term in the domain of Network and Information Security. It's one of the important components of the Network and Information Security infrastructure. Host Intrusion Detection System (HIDS) helps to detect unauthorized use, abnormal and malicious activities on the host, whereas Network Intrusion Detection System (NIDS) helps to detect attacks and intrusion on networks. Various researchers are actively working on different approaches to improving the IDS performance and many improvements have been achieved. However, development in many other technologies and newly emerging techniques always opens the doors of opportunity to add a sharp edge to IDS and to make it more robust and reliable. This paper proposes the development of Distributed Intrusion Detection System (DIDS) using emerging and promising technologies like Blockchain upon a stable platform like cloud infrastructure.
2021-03-04
Mehraj, S., Banday, M. T..  2020.  Establishing a Zero Trust Strategy in Cloud Computing Environment. 2020 International Conference on Computer Communication and Informatics (ICCCI). :1—6.
The increased use of cloud services and its various security and privacy challenges such as identity theft, data breach, data integrity and data confidentiality has made trust management, which is one of the most multifaceted aspect in cloud computing, inevitable. The growing reputation of cloud computing technology makes it immensely important to be acquainted with the meaning of trust in the cloud, as well as identify how the customer and the cloud service providers establish that trust. The traditional trust management mechanisms represent a static trust relationship which falls deficit while meeting up the dynamic requirement of cloud services. In this paper, a conceptual zero trust strategy for the cloud environment has been proposed. The model offers a conceptual typology of perceptions and philosophies for establishing trust in cloud services. Further, importance of trust establishment and challenges of trust in cloud computing have also been explored and discussed.
2021-02-22
Lei, X., Tu, G.-H., Liu, A. X., Xie, T..  2020.  Fast and Secure kNN Query Processing in Cloud Computing. 2020 IEEE Conference on Communications and Network Security (CNS). :1–9.
Advances in sensing and tracking technology lead to the proliferation of location-based services. Location service providers (LSPs) often resort to commercial public clouds to store the tremendous geospatial data and process location-based queries from data users. To protect the privacy of LSP's geospatial data and data user's query location against the untrusted cloud, they are required to be encrypted before sending to the cloud. Nevertheless, it is not easy to design a fast and secure location-based query processing scheme over the encrypted data. In this paper, we propose a Fast and Secure kNN (FSkNN) scheme to support secure k nearest neighbor (k NN) search in cloud computing. We reveal the inherent connection between an Sk NN protocol and a secure range query protocol and further describe how to construct FSkNN based on a secure range query protocol. FSkNN leverages a customized accuracy-assured strategy to ensure the result accuracy and adopts a data structure named random Bloom filter (RBF) to build a secure index for efficiently searching. We formally prove the security of FSkNN under the random oracle model. Our evaluation results show that FSkNN is highly practical.
2021-07-08
Long, Vu Duc, Duong, Ta Nguyen Binh.  2020.  Group Instance: Flexible Co-Location Resistant Virtual Machine Placement in IaaS Clouds. 2020 IEEE 29th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE). :64—69.
This paper proposes and analyzes a new virtual machine (VM) placement technique called Group Instance to deal with co-location attacks in public Infrastructure-as-a-Service (IaaS) clouds. Specifically, Group Instance organizes cloud users into groups with pre-determined sizes set by the cloud provider. Our empirical results obtained via experiments with real-world data sets containing million of VM requests have demonstrated the effectiveness of the new technique. In particular, the advantages of Group Instance are three-fold: 1) it is simple and highly configurable to suit the financial and security needs of cloud providers, 2) it produces better or at least similar performance compared to more complicated, state-of-the-art algorithms in terms of resource utilization and co-location security, and 3) it does not require any modifications to the underlying infrastructures of existing public cloud services.
2021-09-07
Tirupathi, Chittibabu, Hamdaoui, Bechir, Rayes, Ammar.  2020.  HybridCache: AI-Assisted Cloud-RAN Caching with Reduced In-Network Content Redundancy. GLOBECOM 2020 - 2020 IEEE Global Communications Conference. :1–6.
The ever-increasing growth of urban populations coupled with recent mobile data usage trends has led to an unprecedented increase in wireless devices, services and applications, with varying quality of service needs in terms of latency, data rate, and connectivity. To cope with these rising demands and challenges, next-generation wireless networks have resorted to cloud radio access network (Cloud-RAN) technology as a way of reducing latency and network traffic. A concrete example of this is New York City's LinkNYC network infrastructure, which replaces the city's payphones with kiosk-like structures, called Links, to provide fast and free public Wi-Fi access to city users. When enabled with data storage capability, these Links can, for example, play the role of edge cloud devices to allow in-network content caching so that access latency and network traffic are reduced. In this paper, we propose HybridCache, a hybrid proactive and reactive in-network caching scheme that reduces content access latency and network traffic congestion substantially. It does so by first grouping edge cloud devices in clusters to minimize intra-cluster content access latency and then enabling cooperative-proactively and reactively-caching using LSTM-based prediction to minimize in-network content redundancy. Using the LinkNYC network as the backbone infrastructure for evaluation, we show that HybridCache reduces the number of hops that content needs to traverse and increases cache hit rates, thereby reducing both network traffic and content access latency.
2021-04-27
Uthayashangar, S., Abinaya, J., Harshini, V., Jayavardhani, R..  2020.  Image And Text Encrypted Data With Authorized Deduplication In Cloud. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). :1—5.
In this paper, the role re-encryption is used to avoid the privacy data lekage and also to avoid the deduplication in a secure role re-encryption system(SRRS). And also it checks for the proof of ownership for to identify whether the user is authorized user or not. This is for the efficiency. Role re-encrytion method is to share the access key for the corresponding authorized user for accessing the particular file without the leakage of privacy data. In our project we are using both the avoidance of text and digital images. For example we have the personal images in our mobile, handheld devices, and in the desktop etc., So, as these images have to keep secure and so we are using the encryption for to increase the high security. The text file also important for the users now-a-days. It has to keep secure in a cloud server. Digital images have to be protected over the communication, however generally personal identification details like copies of pan card, Passport, ATM, etc., to store on one's own pc. So, we are protecting the text file and image data for avoiding the duplication in our proposed system.
2021-02-22
Eftimie, S., Moinescu, R., Rǎcuciu, C..  2020.  Insider Threat Detection Using Natural Language Processing and Personality Profiles. 2020 13th International Conference on Communications (COMM). :325–330.
This work represents an interdisciplinary effort to proactively identify insider threats, using natural language processing and personality profiles. Profiles were developed for the relevant insider threat types using the five-factor model of personality and were used in a proof-of-concept detection system. The system employs a third-party cloud service that uses natural language processing to analyze personality profiles based on personal content. In the end, an assessment was made over the feasibility of the system using a public dataset.
2021-03-22
Yogita, Gupta, N. Kumar.  2020.  Integrity Auditing with Attribute based ECMRSA Algorithm for Cloud Data Outsourcing. 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS). :1284–1289.
Cloud computing is a vast area within which large amounts of data are exchanged through cloud services and has fully grown with its on-demand technology. Due to these versatile cloud services, sensitive data will be stored on cloud storage servers and it is also used to dynamically control a number of problems: security, privacy, data privacy, data sharing, and integrity across cloud servers. Moreover, the legitimacy and control of data access should be maintained in this extended environment. So, one of the most important concepts of cryptographic techniques in cloud computing environment is Attribute Based Encryption (ABE). In this research work, data auditing or integrity checking is considered as an area of concern for securing th cloud storage. In data auditing approach, an auditor inspects and verifies the data file integrity without having any knowledge about the content of file and sends the verification report to the data owner. In this research, Elliptical Curve Modified RSA (ECMRSA) is proposed along with Modified MD5 algorithm which is used for attribute-based cloud data integrity verification, in which data user or owner uploads their encrypted data files at cloud data server and send the auditing request to the Third-Party Auditor (TPA) for verification of their data files. The Third-Party Auditor (TPA) challenges the data server for ensuring the integrity of data files on behalf of the data owners. After verification of integrity of data file auditor sends the audit report to the owner. The proposed algorithm integrates the auditing scheme with public key encryption with homomorphic algorithm which generates digital signature or hash values of data files on encrypted files. The result analysis is performed on time complexity by evaluating encryption time, GenProof time and VerifyProof Time and achieved improvement in resolving time complexity as compared to existing techiques.