Data leakage happens whenever a system that is designed to be closed to an eavesdropper reveals some information to unauthorized parties. We know that for business purpose, it is necessary to transfer important data among many business partner and between the numbers of employees. But during this transfer of data, information is reach to unauthorized person. So it is very challenging and necessary to find leakage and guilty person responsible for information leakage. In this system we find the person which is responsible for the leakage of text as well as image file. For this we used distributor and agent. Distributor means owner of data and agents means trusted parties to whom we send data. This system finds the insider collusion attack. An insider attack is a malicious threat to an organization that come from people within the organization such as employees, contractor or business associate, who have inside information concerning the organization’s security practices, data and computer system. The main aim of this system is to find data of owner which is leaked and detect agent who leaked data. Here for text data we used kernel based algorithm and for image file we used steganography concept.
This document reviews securing cloud data using fog computing. It proposes using user behavior profiling and decoy technology to detect unauthorized access to cloud data. User behavior profiling models normal patterns of how, when and how much a user accesses cloud data. Deviations from this baseline may signal a masquerade attack. Decoy information like fake documents are generated and can be returned to attackers, confusing them into thinking they have accessed real data when they have not. The document discusses these techniques and compares them to related work on using software decoys and addressing security and legal issues in cloud computing.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
data mining privacy concerns ppt presentationiWriteEssays
Data Mining and privacy Presentation
This is a sample presentation on data mining. The presetation looks at the critical Issues In Data Mining: Privacy, National Security And Personal Liberty Implications Of Data Mining
Privacy-Preserving Updates to Anonymous and Confidential Databaseijdmtaiir
The current trend in the application space towards
systems of loosely coupled and dynamically bound
components that enables just-in-time integration jeopardizes
the security of information that is shared between the broker,
the requester, and the provider at runtime. In particular, new
advances in data mining and knowledge discovery that allow
for the extraction of hidden knowledge in an enormous amount
of data impose new threats on the seamless integration of
information. We consider the problem of building privacy
preserving algorithms for one category of data mining
techniques, association rule mining.Suppose Alice owns a kanonymous database and needs to determine whether her
database, when inserted with a tuple owned by Bob, is still kanonymous. Also, suppose that access to the database is strictly
controlled, because for example data are used for certain
experiments that need to be maintained confidential. Clearly,
allowing Alice to directly read the contents of the tuple breaks
the privacy of Bob (e.g., a patient’s medical record); on the
other hand, the confidentiality of the database managed by
Alice is violated once Bob has access to the contents of the
database. Thus, the problem is to check whether the database
inserted with the tuple is still k-anonymous, without letting
Alice and Bob know the contents of the tuple and the database,
respectively. In this paper, we propose two protocols solving
this problem on suppression-based and generalization-based kanonymous and confidential databases. The protocols rely on
well-known cryptographic assumptions, and we provide
theoretical analyses to proof their soundness and experimental
results to illustrate their efficiency.We have presented two
secure protocols for privately checking whether a kanonymous database retains its anonymity once a new tuple is
being inserted to it. Since the proposed protocols ensure the
updated database remains K-anonymous, the results returned
from a user’s (or a medical researcher’s) query are also kanonymous. Thus, the patient or the data provider’s privacy
cannot be violated from any query. As long as the database is
updated properly using the proposed protocols, the user queries
under our application domain are always privacy-preserving
The document proposes a method to secure data from theft in cloud computing using fog computing. It involves combining user behavior profiling to detect abnormal access and deploying decoy documents. Decoy documents that look like real data are used to confuse attackers if abnormal access is detected. By making it hard to distinguish real data from fakes, this integrated approach aims to increase security of personal and business data stored in the cloud.
This document provides a literature review of cryptography and its role in network security. It begins with an abstract and then discusses early versus modern cryptography. It identifies overall trends in the research, including that cryptography serves as the foundation for most IT security solutions. It reviews both scholarly and non-scholarly literature on the topic. The scholarly literature section discusses research studies on topics like identity management, group key establishment protocols, wireless security, software vulnerability analysis, and chosen ciphertext attacks. The review concludes that continuing research into cryptography is important for preserving electronic data security and privacy.
Honeywords for Password Security and ManagementIRJET Journal
This document summarizes a research paper on using honeywords to improve password security. Honeywords involve storing fake passwords (honeywords) along with users' real passwords in a hashed format. If an attacker steals the hashed password database, they cannot distinguish real passwords from honeywords. Any attempt to login with a honeyword would trigger an alarm. The document discusses how honeywords can detect password database breaches and prevent attackers from impersonating users. It also outlines the objectives of generating realistic honeywords and reducing storage costs compared to previous honeyword approaches.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
This document reviews securing cloud data using fog computing. It proposes using user behavior profiling and decoy technology to detect unauthorized access to cloud data. User behavior profiling models normal patterns of how, when and how much a user accesses cloud data. Deviations from this baseline may signal a masquerade attack. Decoy information like fake documents are generated and can be returned to attackers, confusing them into thinking they have accessed real data when they have not. The document discusses these techniques and compares them to related work on using software decoys and addressing security and legal issues in cloud computing.
International Journal of Computational Engineering Research (IJCER) is dedicated to protecting personal information and will make every reasonable effort to handle collected information appropriately. All information collected, as well as related requests, will be handled as carefully and efficiently as possible in accordance with IJCER standards for integrity and objectivity.
data mining privacy concerns ppt presentationiWriteEssays
Data Mining and privacy Presentation
This is a sample presentation on data mining. The presetation looks at the critical Issues In Data Mining: Privacy, National Security And Personal Liberty Implications Of Data Mining
Privacy-Preserving Updates to Anonymous and Confidential Databaseijdmtaiir
The current trend in the application space towards
systems of loosely coupled and dynamically bound
components that enables just-in-time integration jeopardizes
the security of information that is shared between the broker,
the requester, and the provider at runtime. In particular, new
advances in data mining and knowledge discovery that allow
for the extraction of hidden knowledge in an enormous amount
of data impose new threats on the seamless integration of
information. We consider the problem of building privacy
preserving algorithms for one category of data mining
techniques, association rule mining.Suppose Alice owns a kanonymous database and needs to determine whether her
database, when inserted with a tuple owned by Bob, is still kanonymous. Also, suppose that access to the database is strictly
controlled, because for example data are used for certain
experiments that need to be maintained confidential. Clearly,
allowing Alice to directly read the contents of the tuple breaks
the privacy of Bob (e.g., a patient’s medical record); on the
other hand, the confidentiality of the database managed by
Alice is violated once Bob has access to the contents of the
database. Thus, the problem is to check whether the database
inserted with the tuple is still k-anonymous, without letting
Alice and Bob know the contents of the tuple and the database,
respectively. In this paper, we propose two protocols solving
this problem on suppression-based and generalization-based kanonymous and confidential databases. The protocols rely on
well-known cryptographic assumptions, and we provide
theoretical analyses to proof their soundness and experimental
results to illustrate their efficiency.We have presented two
secure protocols for privately checking whether a kanonymous database retains its anonymity once a new tuple is
being inserted to it. Since the proposed protocols ensure the
updated database remains K-anonymous, the results returned
from a user’s (or a medical researcher’s) query are also kanonymous. Thus, the patient or the data provider’s privacy
cannot be violated from any query. As long as the database is
updated properly using the proposed protocols, the user queries
under our application domain are always privacy-preserving
The document proposes a method to secure data from theft in cloud computing using fog computing. It involves combining user behavior profiling to detect abnormal access and deploying decoy documents. Decoy documents that look like real data are used to confuse attackers if abnormal access is detected. By making it hard to distinguish real data from fakes, this integrated approach aims to increase security of personal and business data stored in the cloud.
This document provides a literature review of cryptography and its role in network security. It begins with an abstract and then discusses early versus modern cryptography. It identifies overall trends in the research, including that cryptography serves as the foundation for most IT security solutions. It reviews both scholarly and non-scholarly literature on the topic. The scholarly literature section discusses research studies on topics like identity management, group key establishment protocols, wireless security, software vulnerability analysis, and chosen ciphertext attacks. The review concludes that continuing research into cryptography is important for preserving electronic data security and privacy.
Honeywords for Password Security and ManagementIRJET Journal
This document summarizes a research paper on using honeywords to improve password security. Honeywords involve storing fake passwords (honeywords) along with users' real passwords in a hashed format. If an attacker steals the hashed password database, they cannot distinguish real passwords from honeywords. Any attempt to login with a honeyword would trigger an alarm. The document discusses how honeywords can detect password database breaches and prevent attackers from impersonating users. It also outlines the objectives of generating realistic honeywords and reducing storage costs compared to previous honeyword approaches.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
This document discusses a novel privacy preservation technique called slicing that partitions data both horizontally and vertically. Slicing preserves better data utility than generalization and can handle high-dimensional data. It applies the mean square contingency algorithm, k-means clustering, and l-diversity to anonymize data. Slicing partitions attributes into columns based on correlation and tuples into buckets to anonymize while preserving correlations between attributes. Experiments show slicing preserves better utility than generalization and prevents attribute disclosure and membership disclosure more effectively than bucketization. However, other works discuss limitations of k-anonymity and how generalization may destroy data mining utility and not prevent attribute disclosure when an adversary has background knowledge.
The document proposes new distributed deduplication systems with higher reliability for secure cloud storage. Data chunks are distributed across multiple cloud servers using a deterministic secret sharing scheme. This improves reliability over traditional deduplication systems that store only one copy of each file. The systems aim to achieve security requirements of data confidentiality and consistency while limiting overhead.
The document discusses security issues and methods for e-commerce, including Pretty Good Privacy (PGP). PGP provides encryption methods for authentication and confidentiality of electronic messages and files. It uses public/private key encryption along with hashing and digital signatures. The document also discusses other methods for e-commerce security including privacy policies, cryptography (symmetric and asymmetric keys), and digital certificates. Secure Socket Layer (SSL) and public key infrastructure help ensure secure transmission of data and authentication of parties engaging in e-commerce transactions over the internet.
Data Mining on Web URL Using Base 64 Encoding to Generate Secure URNIJMTST Journal
This document discusses making digital artifacts on the web immutable and verifiable. It proposes using trusty URIs containing cryptographic hash values to reference digital artifacts. This allows the contents and dependencies of files to be verified independently of file format. The current web lacks mechanisms to enforce immutability and reproducibility of results. The proposed approach uses cryptographic hashes in URIs to make references unambiguous and verifiable, while staying compatible with web standards. It describes implementing this approach through distributed file access, RDF generation and transfer that generates trusty URIs for files and RDF graphs. This allows verification of data integrity and prevents man-in-the-middle attacks.
The document discusses various ways that data mining can be applied for security applications such as intrusion detection, firewall policy management, worm detection, and counter-terrorism surveillance. It describes techniques like anomaly detection, link analysis, classification, and prediction that can help detect cyber attacks, trace malware authors, and predict future threats. It also addresses challenges of working with real-time streaming data from sensors for critical applications.
Control Cloud Data Access Using Attribute-Based Encryptionpaperpublications3
Abstract: Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. Those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed recently. Data access control is an effective way to ensure the data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Data security is the key concern in the distributed system. Various schemes based on the attribute-based encryption have been proposed to secure the cloud storage. However, most work focuses on the data contents privacy and the access control, while less attention is paid to the privilege control and the identity privacy. In this paper, we present a semianonymous privilege control scheme AnonyControl to address not only the data privacy, but also the user identity privacy in existing access control schemes. AnonyControl decentralizes the central authority to limit the identity leakage and thus achieves semianonymity. Besides, it also generalizes the file access control to the privilege control, by which privileges of all operations on the cloud data can be managed in a fine-grained manner. Subsequently, we present the AnonyControl-F, which fully prevents the identity leakage and achieve the full anonymity. Our security analysis shows that both AnonyControl and AnonyControl-F are secure under the decisional bilinear Diffie–Hellman assumption, and our performance evaluation exhibits the feasibility of our schemes.
Iaetsd enhancement of performance and security in bigdata processingIaetsd Iaetsd
This document discusses enhancing performance and security in big data processing. It proposes collecting sensitive data and encrypting it using proxy re-encryption before storing it in a NoSQL database for increased security. The encrypted data can then be decrypted and accessed by authorized external users. MapReduce is used to filter duplicate data during access.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
This document discusses secure data deduplication techniques in cloud storage. It proposes using convergent encryption to encrypt duplicate data only once while allowing deduplication. Managing the large number of encryption keys is a challenge. The document proposes Dekey, which distributes encryption key shares across multiple servers rather than having users manage keys directly. It also proposes using user behavior profiling and decoy files/information. Profiling a user's normal access patterns can help detect abnormal access, while decoys confuse attackers by providing bogus information if unauthorized access is detected. The combination of these techniques aims to provide strong security against insider and outsider attackers in deduplicated cloud storage systems.
The document discusses how Intel and McAfee have evolved together over the past 5 years since Intel acquired McAfee, looking at what they anticipated at the time compared to what actually occurred such as how the cyber threat landscape has changed and expanded more rapidly than expected, and how their focus has shifted from embedding security in silicon to leveraging it to boost software defenses and address new attack types like those originating from firmware and BIOS. It also examines how different attacker profiles have emerged and expanded in resources and sophistication more than anticipated.
This document proposes a key-aggregate encryption scheme called Input Cumulative Cryptosystem for secure and scalable data sharing in cloud computing. The scheme allows a data owner to generate a constant-size aggregate decryption key that can decrypt multiple ciphertexts. The key has the combined decryption power of all individual secret keys. An intrusion detection system also monitors communication between hosts to only allow data sharing between trusted hosts, improving security. The proposed system aims to address issues with existing approaches that require distributing multiple decryption keys or have fixed hierarchies for access control. It allows flexible delegation of decryption rights for dynamic sets of ciphertexts in cloud storage.
Data Leakage Detection and Security Using Cloud ComputingIJERA Editor
The data owner will store the data in the cloud. Every user must registered in the cloud. Cloud provider must
verify the authorized user. If someone try to access the account, data will get leaked. This leaked data will
present in an unauthorized place (e.g., on the internet or someone’s laptop). In this paper, we propose Division
and Replication of Data in the Cloud for Optimal Performance and Security (DROPS) that collectively
approaches the security and performance issues. In DROPS methodology, we have to select the file and then
store the particular file in the cloud account. In order to provide security we are going to implement DROPS
concepts. Now we divide the file into various fragments based on the threshold value. Each and every fragments
are stored in the node using T-Coloring. After the placement of fragments in node, it is necessary to replicate
each fragments for one time in cloud.
Cloud computing offers a very important approach to achieving lasting strategic advantages by rapidly adapting to complex challenges in IT management and data analytics. This paper discusses the business impact and analytic transformation opportunities of cloud computing. Moreover, it highlights the differences among two cloud architectures—Utility Clouds and Data Clouds—with illustrative examples of how Data Clouds are shaping new advances in Intelligence Analysis.
The document discusses using anonymous identity assignment (AIDA) to preserve privacy and security when sharing data across distributed systems. AIDA allows nodes in a network to be assigned anonymous IDs through a distributed computation, so their real identities are unknown to other nodes. This allows sensitive data to be shared anonymously. The document outlines existing approaches like using a trusted third party and secure multi-party computation, and their limitations. It then proposes using AIDA and secure computations to allow private queries and sharing of complex data while preserving anonymity of nodes. Experimental results show the approach can anonymously store and retrieve patient medical records.
IRJET- An Intrusion Detection and Protection System by using Data Mining ...IRJET Journal
This document proposes an Internal Intrusion Detection and Protection System (IIDPS) to detect insider attacks by analyzing system calls (SCs) using data mining and forensic techniques. The IIDPS creates personal profiles for each user to track their computer usage behaviors over time. When a user logs in, the IIDPS compares their current behaviors to the patterns in their personal profile to determine if they are the legitimate account holder or an unauthorized insider attacker. The IIDPS aims to more accurately authenticate users and detect insider threats compared to existing systems that rely only on usernames and passwords.
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...journal ijrtem
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
DLP is a data security technology that detects and prevents data breach incidents by monitoring data in-use, in-motion and at-rest. It has been widely applied for regulatory compliances, data privacy and intellectual property protection. This talk will introduce basic concepts and security models to describe DLP systems with high level architecture. DLP is an interesting discipline with content inspection techniques supported by sophisticated algorithms. Special investigation will be taken for a few algorithms: document fingerprinting, data record fingerprinting, scalable M-pattern string match and etc..
IRJET- Medical Big Data Protection using Fog Computing and Decoy TechniqueIRJET Journal
This document proposes a system to protect medical big data stored in a healthcare cloud using fog computing and a decoy technique. The system creates a decoy medical big data gallery that is stored in fog computing and appears identical to attackers. The original medical data is encrypted and stored securely in the cloud. When a user accesses the system, their legitimacy is verified using user profiling before they can access the original data. This technique aims to provide full security by redirecting attackers to the decoy data, while legitimate users can access the real encrypted data after authentication. Various algorithms are used like blowfish encryption, LZW compression and authentication protocols to securely implement this system.
Among different online attacks obstructing IT security,
Denial of Service (DoS) and Distributed Denial of Service (DDoS)
are the most devastating attack. It also put the security experts under
enormous pressure recently in finding efficient defiance methods.
DoS attack can be performed variously with diverse codes and tools
and can be launched form different OSI model layers. This paper
describes in details DoS and DDoS attack, and explains how different
types of attacks can be implemented and launched from different OSI
model layers. It provides a better understanding of these increasing
occurrences in order to improve
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...IJASRD Journal
PHR provides users with a great deal in leakage of sensitive information. However, securing the sensitive medical data also brings very serious security problems, especially for the data security which is stored in the medical cloud data. Once the data is leaked to a third party, then the data privacy has become a major problem, mainly such as authentication, availability of data, confidentiality etc., and which is to be taken into consideration very effectively. An authentication scheme based on virtual smartcard using hashing function for medical data is proposed to solve the problem of in which the illegal users access the resources of servers. Here, we also maintain PHR sensitive data in the cloud by using file swapping concept. Once the user access the data. The user data will be swapped into different places by file swapping concept, so the file will be more secured and no one can hack or theft our data.
The amount of data in the world seems increasing and computers make it easy to save the data. Companies offer data storage by providing cloud services and the amount of data being stored in these servers is increasing rapidly. In data mining, the data is stored electronically and the search is automated or at least augmented by computer. As the volume of data increases, inexorably, the proportion of it that people understand decreases alarmingly. This paper presents the data leakage problem arises because the services like Facebook and Google store all your data unencrypted on their servers, making it easy for them, or governments and hackers, to monitor the data.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
The document summarizes a research paper that proposes a privacy-preserving model called BSS Homomorphic Encryption for outsourcing the mining of frequent patterns from large transactional databases. The model aims to encrypt transaction data in a way that protects both individual data items and mined patterns. It works by grouping data items, adding fake transactions, and converting the encrypted database into a matrix format to prevent guessing attacks. Experimental results on a real transactional database show the technique effectively protects privacy while remaining scalable.
This document discusses a novel privacy preservation technique called slicing that partitions data both horizontally and vertically. Slicing preserves better data utility than generalization and can handle high-dimensional data. It applies the mean square contingency algorithm, k-means clustering, and l-diversity to anonymize data. Slicing partitions attributes into columns based on correlation and tuples into buckets to anonymize while preserving correlations between attributes. Experiments show slicing preserves better utility than generalization and prevents attribute disclosure and membership disclosure more effectively than bucketization. However, other works discuss limitations of k-anonymity and how generalization may destroy data mining utility and not prevent attribute disclosure when an adversary has background knowledge.
The document proposes new distributed deduplication systems with higher reliability for secure cloud storage. Data chunks are distributed across multiple cloud servers using a deterministic secret sharing scheme. This improves reliability over traditional deduplication systems that store only one copy of each file. The systems aim to achieve security requirements of data confidentiality and consistency while limiting overhead.
The document discusses security issues and methods for e-commerce, including Pretty Good Privacy (PGP). PGP provides encryption methods for authentication and confidentiality of electronic messages and files. It uses public/private key encryption along with hashing and digital signatures. The document also discusses other methods for e-commerce security including privacy policies, cryptography (symmetric and asymmetric keys), and digital certificates. Secure Socket Layer (SSL) and public key infrastructure help ensure secure transmission of data and authentication of parties engaging in e-commerce transactions over the internet.
Data Mining on Web URL Using Base 64 Encoding to Generate Secure URNIJMTST Journal
This document discusses making digital artifacts on the web immutable and verifiable. It proposes using trusty URIs containing cryptographic hash values to reference digital artifacts. This allows the contents and dependencies of files to be verified independently of file format. The current web lacks mechanisms to enforce immutability and reproducibility of results. The proposed approach uses cryptographic hashes in URIs to make references unambiguous and verifiable, while staying compatible with web standards. It describes implementing this approach through distributed file access, RDF generation and transfer that generates trusty URIs for files and RDF graphs. This allows verification of data integrity and prevents man-in-the-middle attacks.
The document discusses various ways that data mining can be applied for security applications such as intrusion detection, firewall policy management, worm detection, and counter-terrorism surveillance. It describes techniques like anomaly detection, link analysis, classification, and prediction that can help detect cyber attacks, trace malware authors, and predict future threats. It also addresses challenges of working with real-time streaming data from sensors for critical applications.
Control Cloud Data Access Using Attribute-Based Encryptionpaperpublications3
Abstract: Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. Those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed recently. Data access control is an effective way to ensure the data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Data security is the key concern in the distributed system. Various schemes based on the attribute-based encryption have been proposed to secure the cloud storage. However, most work focuses on the data contents privacy and the access control, while less attention is paid to the privilege control and the identity privacy. In this paper, we present a semianonymous privilege control scheme AnonyControl to address not only the data privacy, but also the user identity privacy in existing access control schemes. AnonyControl decentralizes the central authority to limit the identity leakage and thus achieves semianonymity. Besides, it also generalizes the file access control to the privilege control, by which privileges of all operations on the cloud data can be managed in a fine-grained manner. Subsequently, we present the AnonyControl-F, which fully prevents the identity leakage and achieve the full anonymity. Our security analysis shows that both AnonyControl and AnonyControl-F are secure under the decisional bilinear Diffie–Hellman assumption, and our performance evaluation exhibits the feasibility of our schemes.
Iaetsd enhancement of performance and security in bigdata processingIaetsd Iaetsd
This document discusses enhancing performance and security in big data processing. It proposes collecting sensitive data and encrypting it using proxy re-encryption before storing it in a NoSQL database for increased security. The encrypted data can then be decrypted and accessed by authorized external users. MapReduce is used to filter duplicate data during access.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
This document discusses secure data deduplication techniques in cloud storage. It proposes using convergent encryption to encrypt duplicate data only once while allowing deduplication. Managing the large number of encryption keys is a challenge. The document proposes Dekey, which distributes encryption key shares across multiple servers rather than having users manage keys directly. It also proposes using user behavior profiling and decoy files/information. Profiling a user's normal access patterns can help detect abnormal access, while decoys confuse attackers by providing bogus information if unauthorized access is detected. The combination of these techniques aims to provide strong security against insider and outsider attackers in deduplicated cloud storage systems.
The document discusses how Intel and McAfee have evolved together over the past 5 years since Intel acquired McAfee, looking at what they anticipated at the time compared to what actually occurred such as how the cyber threat landscape has changed and expanded more rapidly than expected, and how their focus has shifted from embedding security in silicon to leveraging it to boost software defenses and address new attack types like those originating from firmware and BIOS. It also examines how different attacker profiles have emerged and expanded in resources and sophistication more than anticipated.
This document proposes a key-aggregate encryption scheme called Input Cumulative Cryptosystem for secure and scalable data sharing in cloud computing. The scheme allows a data owner to generate a constant-size aggregate decryption key that can decrypt multiple ciphertexts. The key has the combined decryption power of all individual secret keys. An intrusion detection system also monitors communication between hosts to only allow data sharing between trusted hosts, improving security. The proposed system aims to address issues with existing approaches that require distributing multiple decryption keys or have fixed hierarchies for access control. It allows flexible delegation of decryption rights for dynamic sets of ciphertexts in cloud storage.
Data Leakage Detection and Security Using Cloud ComputingIJERA Editor
The data owner will store the data in the cloud. Every user must registered in the cloud. Cloud provider must
verify the authorized user. If someone try to access the account, data will get leaked. This leaked data will
present in an unauthorized place (e.g., on the internet or someone’s laptop). In this paper, we propose Division
and Replication of Data in the Cloud for Optimal Performance and Security (DROPS) that collectively
approaches the security and performance issues. In DROPS methodology, we have to select the file and then
store the particular file in the cloud account. In order to provide security we are going to implement DROPS
concepts. Now we divide the file into various fragments based on the threshold value. Each and every fragments
are stored in the node using T-Coloring. After the placement of fragments in node, it is necessary to replicate
each fragments for one time in cloud.
Cloud computing offers a very important approach to achieving lasting strategic advantages by rapidly adapting to complex challenges in IT management and data analytics. This paper discusses the business impact and analytic transformation opportunities of cloud computing. Moreover, it highlights the differences among two cloud architectures—Utility Clouds and Data Clouds—with illustrative examples of how Data Clouds are shaping new advances in Intelligence Analysis.
The document discusses using anonymous identity assignment (AIDA) to preserve privacy and security when sharing data across distributed systems. AIDA allows nodes in a network to be assigned anonymous IDs through a distributed computation, so their real identities are unknown to other nodes. This allows sensitive data to be shared anonymously. The document outlines existing approaches like using a trusted third party and secure multi-party computation, and their limitations. It then proposes using AIDA and secure computations to allow private queries and sharing of complex data while preserving anonymity of nodes. Experimental results show the approach can anonymously store and retrieve patient medical records.
IRJET- An Intrusion Detection and Protection System by using Data Mining ...IRJET Journal
This document proposes an Internal Intrusion Detection and Protection System (IIDPS) to detect insider attacks by analyzing system calls (SCs) using data mining and forensic techniques. The IIDPS creates personal profiles for each user to track their computer usage behaviors over time. When a user logs in, the IIDPS compares their current behaviors to the patterns in their personal profile to determine if they are the legitimate account holder or an unauthorized insider attacker. The IIDPS aims to more accurately authenticate users and detect insider threats compared to existing systems that rely only on usernames and passwords.
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...journal ijrtem
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
DLP is a data security technology that detects and prevents data breach incidents by monitoring data in-use, in-motion and at-rest. It has been widely applied for regulatory compliances, data privacy and intellectual property protection. This talk will introduce basic concepts and security models to describe DLP systems with high level architecture. DLP is an interesting discipline with content inspection techniques supported by sophisticated algorithms. Special investigation will be taken for a few algorithms: document fingerprinting, data record fingerprinting, scalable M-pattern string match and etc..
IRJET- Medical Big Data Protection using Fog Computing and Decoy TechniqueIRJET Journal
This document proposes a system to protect medical big data stored in a healthcare cloud using fog computing and a decoy technique. The system creates a decoy medical big data gallery that is stored in fog computing and appears identical to attackers. The original medical data is encrypted and stored securely in the cloud. When a user accesses the system, their legitimacy is verified using user profiling before they can access the original data. This technique aims to provide full security by redirecting attackers to the decoy data, while legitimate users can access the real encrypted data after authentication. Various algorithms are used like blowfish encryption, LZW compression and authentication protocols to securely implement this system.
Among different online attacks obstructing IT security,
Denial of Service (DoS) and Distributed Denial of Service (DDoS)
are the most devastating attack. It also put the security experts under
enormous pressure recently in finding efficient defiance methods.
DoS attack can be performed variously with diverse codes and tools
and can be launched form different OSI model layers. This paper
describes in details DoS and DDoS attack, and explains how different
types of attacks can be implemented and launched from different OSI
model layers. It provides a better understanding of these increasing
occurrences in order to improve
Secure Medical Data Computation using Virtual_ID Authentication and File Swap...IJASRD Journal
PHR provides users with a great deal in leakage of sensitive information. However, securing the sensitive medical data also brings very serious security problems, especially for the data security which is stored in the medical cloud data. Once the data is leaked to a third party, then the data privacy has become a major problem, mainly such as authentication, availability of data, confidentiality etc., and which is to be taken into consideration very effectively. An authentication scheme based on virtual smartcard using hashing function for medical data is proposed to solve the problem of in which the illegal users access the resources of servers. Here, we also maintain PHR sensitive data in the cloud by using file swapping concept. Once the user access the data. The user data will be swapped into different places by file swapping concept, so the file will be more secured and no one can hack or theft our data.
The amount of data in the world seems increasing and computers make it easy to save the data. Companies offer data storage by providing cloud services and the amount of data being stored in these servers is increasing rapidly. In data mining, the data is stored electronically and the search is automated or at least augmented by computer. As the volume of data increases, inexorably, the proportion of it that people understand decreases alarmingly. This paper presents the data leakage problem arises because the services like Facebook and Google store all your data unencrypted on their servers, making it easy for them, or governments and hackers, to monitor the data.
International Journal of Engineering Research and Development (IJERD)IJERD Editor
The document summarizes a research paper that proposes a privacy-preserving model called BSS Homomorphic Encryption for outsourcing the mining of frequent patterns from large transactional databases. The model aims to encrypt transaction data in a way that protects both individual data items and mined patterns. It works by grouping data items, adding fake transactions, and converting the encrypted database into a matrix format to prevent guessing attacks. Experimental results on a real transactional database show the technique effectively protects privacy while remaining scalable.
Design and Implementation of algorithm for detecting sensitive data leakage i...dbpublications
This document contains summaries of several articles on privacy-preserving detection of sensitive data exposure and data leakage. The summaries discuss how data leakage is an increasing problem, often caused by human error, and describe techniques like using sensitive data digests and fuzzy fingerprints to enable detection of leaks while preserving privacy. The advantage of these methods is they allow data owners to delegate detection to third parties without revealing the sensitive data. The evaluations indicate the methods can accurately detect leaks with few false alarms in different data leakage scenarios.
Fog Computing:The Justifying Insider Data Stealing Attacks in the CloudIJSRD
Cloud computing allows us for share and access our personal and business data. With this technology the communication becomes faster. But when a user share his personal data, he will start worrying about the security. Existing data security paradigms such as encryption have failed in protect data theft attacks, especially those committed by an insider to the cloud service provider. To overcome this problem, We propose a different approach for providing the security for data in the cloud by using offensive decoy technology(ODT). In this Technic we observe data access in the cloud and detect anomalous data access patterns. When unofficial access is found and then verified using challenge questions, we launch a deception attack by returning large amounts of decoy information to the attacker. This protects against the illegal use of the user’s real data. Experiments conducted in a local file setting provide indication that this approach may provide extraordinary levels of user data security in a Cloud environment.
Analysis of personal information security behavior and awareness.docxdaniahendric
Analysis of personal information security behavior and awareness
It's a developing portion of human security that aims at raising awareness concerning the dangers of fast-evolving information forms and emerging threats to the info which focuses on human character. Since threats have developed and information is developing value, attackers have upgraded their abilities and extended to broader intentions. Also, more means of making the attacks have as well developed (Öğütçü, Testik & Chouseinoglou, 2016). The attacks have evolved to circumvent processes and controls. Aggressors have focused and effectively exploited the character of humans to breach relevant infrastructure schemes and corporate networks. Individual who are unaware about the threats may circumvent traditional processes and security controls and cause organization breach. In reply, information security awareness is growing.
The main aim of the concept in the discussion is to enhance awareness to everyone and inform that they can be a victim of the threats and risk any time. Information security consciousness responds to developing cyber-attacks. Most of the time, people assume that security it's all about technical controls (Ki-Aries & Faily, 2017). But the fact is that people are the targets and the character they possess can cause risk or offer countermeasures in response to threats and risks. Awareness metrics are increasing at a high rate to know and amount people threat landscape. The increase also aims at reducing risks associated with organizations and weigh the effectiveness and expense of awareness as the countermeasure.
Most of the organizations don't invest a lot in information security. Few organizations pay attention to security issues. They tend to assume all is well so long as they have a password in their systems. However, this not trust because if an attack occurs, such kind of organization is likely to suffer a lot. Security is an essential plan any organization can adopt to minimize security threats resulting from workers. Awareness plan assists associates to understand that security it's not personal responsibility but everyone's' responsibility. Everyone should be careful when it comes to security because nobody can choose to be a victim, but they only find themselves (Ki-Aries & Faily, 2017). Employees should be accountable for the actions done under their empathies. Security awareness enforces effective means of how business computers can be handled.
A policy developed should give awareness about social media and other types of virus. Workers should be aware of necessary to be followed when using computers. Alternatively, Companies can plan to form interactive sessions for every worker to get to understand more about their security. Such kind of interactive sessions entails consciousness about new risks and measure to overcome them. The program of awareness won't be gainful if no punishment for those who violate rules. Employees who don't adhere to the pr ...
Ijeee 7-11-privacy preserving distributed data mining with anonymous id assig...Kumar Goud
Privacy Preserving Distributed Data Mining with Anonymous ID Assignment
Chikkudu Chandrakanth Bheemari Santhoshkumar Tejavath Charan Singh
M.Tech Scholar(CSE) M.Tech Scholar(CSE) Assistant Professor, Dept of CSE
Sri Indu College of Engg and Tech Sri Indu College of Engg and Tech Sri Indu College of Engg and Tech
Ibrahimpatan, Hyderabad, TS, India Ibrahimpatan, Hyderabad, TS, India Ibrahimpatan, Hyderabad, TS, India
Abstract: This paper builds an algorithm for sharing simple integer data on top of secure sum data mining operation using Newton’s identities and Sturm’s theorem. Algorithm for anonymous sharing of private data among parties is developed. This assignment is anonymous in that the identities received are unknown to the other members of the group. Resistance to collusion among other members is verified in an information theoretic sense when private communication channels are used. This assignment of serial numbers allows more complex data to be shared and has applications to other problems in privacy preserving data mining, collision avoidance in communications and distributed database access. The new algorithms are built on top of a secure sum data mining operation using Newton’s identities and Sturm’s theorem. An algorithm for distributed solution of certain polynomials over finite fields enhances the scalability of the algorithms.
Key words: Cloud, Website, information sharing, DBMS, ID, ODBC, ASP.NET
.
In this era, there are need to secure data in distributed database system. For collaborative data
publishing some anonymization techniques are available such as generalization and bucketization. We consider
the attack can call as “insider attack” by colluding data providers who may use their own records to infer
others records. To protect our database from these types of attacks we used slicing technique for anonymization,
as above techniques are not suitable for high dimensional data. It cause loss of data and also they need clear
separation of quasi identifier and sensitive database. We consider this threat and make several contributions.
First, we introduce a notion of data privacy and used slicing technique which shows that anonymized data
satisfies privacy and security of data which classifies data vertically and horizontally. Second, we present
verification algorithms which prove the security against number of providers of data and insure high utility and
data privacy of anonymized data with efficiency. For experimental result we use the hospital patient datasets
and suggest that our slicing approach achieves better or comparable utility and efficiency than baseline
algorithms while satisfying data security. Our experiment successfully demonstrates the difference between
computation time of encryption algorithm which is used to secure data and our system.
Akamai 2018 Spring state of the Internet security reportYuriy Yuzifovich
This document discusses the importance of collaboration and data sharing in cybersecurity. It argues that no single company has all the data and tools needed to effectively address security threats, and that increased cooperation allows organizations to gain better insights. It highlights examples of collaborative efforts like the Cyber Threat Alliance that enable timely sharing of threat information. The document advocates for moving beyond just tactical sharing to more strategic collaboration that can help disrupt malicious actors by improving protections and coordinating responses to security incidents.
Distributed Data mining using Multi Agent dataIRJET Journal
This document discusses using multi-agent systems to perform distributed data mining. It begins by defining distributed data mining as mining data located across different sites to avoid transferring large volumes of data and address security issues. It then discusses how multi-agent systems can improve distributed data mining by dealing with complex, distributed data systems. Specifically, agents can retrieve relevant data from distributed databases and identify patterns in the observed data. The document focuses on the synergy between multi-agent systems and distributed data mining, with agents working together in a distributed manner to perform classification and other data mining tasks on distributed data sources while preserving data privacy.
This document discusses an approach to automatically detect social engineering attacks using dialog. It proposes using a dynamic Topic Blacklist (TBL) to verify discussion topics in dialog between an attacker and potential victim. Each line of text is checked against the TBL using natural language processing and machine learning. If a forbidden topic is detected, a warning is generated. The TBL is populated from common security requirements and policies. The approach analyzes language to detect attacks, including incorrect grammar. It is applicable to any attack vector using only dialog text.
Automatic Detection of Social Engineering Attacks Using Dialogiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Alert Logic Cloud Security Report analyze a year of security data to find insights to better help defend against latest threats.
Three interesting things found in the report are:
1. Differences between threats in the cloud and in traditional infrastructure
2. what makes a company more vulnerable to attacks
3. why having a good understanding of the Cyber Kill Chain could help take a preventative approach to cloud security
The document describes a privacy-preserving method for detecting inadvertent leaks of sensitive data in network traffic. The method allows an organization to outsource detection to a provider without revealing the actual sensitive data. It involves the organization computing digests of the sensitive data and sharing a sample with the provider. The provider searches traffic for matches and returns potential leaks. The organization then determines if any are true leaks, protecting the privacy of the sensitive data from the provider. The method was implemented and evaluated on real datasets, showing accurate detection while preserving privacy.
This document summarizes various soft computing techniques that can be used for intrusion detection, including fuzzy logic, graph-based approaches, and neural networks. Fuzzy logic can be used to classify parameters and detect anomalies by comparing normal and new fuzzy association rule sets. Graph-based approaches model network traffic as graphs of nodes and edges and use clustering algorithms to detect anomalies. Neural networks can be trained on audit log data to recognize normal behavior and detect deviations that may indicate attacks. These soft computing methods aim to improve on signature-based detection by learning patterns of normal network activity and detecting anomalies.
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...IJRTEMJOURNAL
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers.
This document summarizes a research paper on developing a honey pot intrusion detection system. The paper introduces cyber warfare as a growing threat and the need for effective network security. It then describes designing and implementing a honey pot IDS to detect potential threats on a host system by emulating network services and monitoring connections. The IDS would use event correlation, log analysis, alerting and policy enforcement. The document provides background on intrusions, IDS testing methodology, and reasons why only creating secure systems is not enough to prevent all intrusions.
HYBRIDIZED MODEL FOR DATA SECURITY BASED ON SECURITY HASH ANALYSIS (SHA 512) ...IJNSA Journal
High-profile security breaches and attacks on many organization’s database have been on the increase and the consequences of this, are the adverse effect on the organizations in terms of financial loss and reputation. Many of the security breaches has been ascribed to the vulnerability of the organization’s networks, security policy and operations. Additionally, the emerging technology solutions like Internet-ofThings (IoT), Artificial Intelligence, and Cloud Computing, has extremely exposed many of the organizations to different forms of cyber-threats and attacks. Researchers and system designers have made attempts to proffer solution to some of these challenges. However, the efficacy of the techniques remains a great concern due to insufficient control mechanisms. For instance, many of the techniques are majorly based on a single mode encryption techniques which are not too robust to withstand the threats and attacks on organization’s database. To proffer solution to these challenges, the current research designed and integrated a hybridized data security model based on Secured Hash Analysis (SHA 512) and Salting Techniques to enhance the adeptness of the existing techniques. The Hash Analysis algorithm was used to map the data considered to a bit string of a fixed length and salt was added to the password strings essentially to hide its real hash value. The idea of adding salt to the end of the password is basically to complicate the password cracking process. The hybridized model was implemented in Windows environment using python 3.7 IDE platform and tested on a dedicated Local Area Network (LAN) that was exposed to threats from both internal and external sources. The results from the test show that the model performed well in terms of efficiency and robustness to attacks. The performance of the new model recorded a high level of improvement over the existing techniques with a recital of 97.6%.
The possibilities provided by the internet in this day and times is almost limitless, fueled by
presence of global networks and larger operations being performed on a daily basis coupled with
people around the world who enjoy these benefits. However, the internet space is not used for
peaceful reasons as it should be assumed. The growing development in technologies and
substantive upgrade of programming systems has led to frequent cases of attacks by threat actors,
becoming a real problem for large companies.
Hence, therefore, one of the most famous cases in relation to hacking in the world was the
hacking of important information on the eBay database, an online shopping store. The case study
will focus on this attack.
3
response.pdfresponseby Abc AbcSubmission date 14-Ma.docxzmark3
response.pdf
response
by Abc Abc
Submission date: 14-May-2020 05:58AM (UTC-0400)
Submission ID: 1324028097
File name: response.docx (36.28K)
Word count: 355
Character count: 1780
0%
SIMILARITY INDEX
0%
INTERNET SOURCES
0%
PUBLICATIONS
0%
STUDENT PAPERS
Exclude quotes On
Exclude bibliography On
Exclude matches Off
response
ORIGINALITY REPORT
PRIMARY SOURCES
responseby Abc AbcresponseORIGINALITY REPORTPRIMARY SOURCES
response. d.docx
Running Head: RESPONSE
1
RESPONSE 2
Response
Name
Course
Date of Submission
Discussion 1
Hello, it was interesting to read your post. It is indeed true that honeypots are much expensive than the real security system. There exist several issues with honeypots and most of which make 'it hard for individuals to deal with them. One such issue is individuals' lack of familiarity with them, as you have stated in the post. The main objective of designing and using honeypots is for the attackers to make brute attacks on the system without being noticed by the administration. This is the reason why if a single honeypot gets into the system, it can end up being used to compromise the entire host system, as you have stated in your post. As you have stated in your post, a honeypot is highly relied upon when individuals are considering acquiring valuable intelligence from an organization but one that is still not the most sensitive. Some of the questions which arise with the usage of honeypots in such ventures are whether they can be used by forces to help counter-terrorism. In the age of technology, police are using the internet and its filtering capabilities to identify terrorists and how they conduct recruitment (Sharma & Kaul, 2018).
Discussion 2
Hello, it was interesting to read your post; it was informative. From your research, you have identified the primary objective of honeypot being diversion of assassins so as to extract critical information and data about them by following all the moves they make. This objective does not, however, acknowledge whether there are means of injecting honeypots to the assassins and whether they have measures of protecting their systems against such attempts. Honey pots have been noted to be effective at identifying potential assaults, as you have stated in your post. They are, however, not much effective as attacks still occur in their presence and can only identify a single attack at a time, as you have stated in the post.
References
Sharma, S., & Kaul, A. (2018). A survey on Intrusion Detection Systems and Honeypot based proactive security mechanisms in VANETs and VANET Cloud. Vehicular Communications, 12, 138-164.
Discussion 1 :
Top of Form
Network separation is a standard network practice that has security architecture concepts that are implemented to secure the entire system. It uses various approaches such as.
Similar to Collusion Attack: A Kernel-Based Privacy Preserving Techniques in Data Mining (20)
An improved modulation technique suitable for a three level flying capacitor ...IJECEIAES
This research paper introduces an innovative modulation technique for controlling a 3-level flying capacitor multilevel inverter (FCMLI), aiming to streamline the modulation process in contrast to conventional methods. The proposed
simplified modulation technique paves the way for more straightforward and
efficient control of multilevel inverters, enabling their widespread adoption and
integration into modern power electronic systems. Through the amalgamation of
sinusoidal pulse width modulation (SPWM) with a high-frequency square wave
pulse, this controlling technique attains energy equilibrium across the coupling
capacitor. The modulation scheme incorporates a simplified switching pattern
and a decreased count of voltage references, thereby simplifying the control
algorithm.
artificial intelligence and data science contents.pptxGauravCar
What is artificial intelligence? Artificial intelligence is the ability of a computer or computer-controlled robot to perform tasks that are commonly associated with the intellectual processes characteristic of humans, such as the ability to reason.
› ...
Artificial intelligence (AI) | Definitio
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Design and optimization of ion propulsion dronebjmsejournal
Electric propulsion technology is widely used in many kinds of vehicles in recent years, and aircrafts are no exception. Technically, UAVs are electrically propelled but tend to produce a significant amount of noise and vibrations. Ion propulsion technology for drones is a potential solution to this problem. Ion propulsion technology is proven to be feasible in the earth’s atmosphere. The study presented in this article shows the design of EHD thrusters and power supply for ion propulsion drones along with performance optimization of high-voltage power supply for endurance in earth’s atmosphere.
Mechanical Engineering on AAI Summer Training Report-003.pdf
Collusion Attack: A Kernel-Based Privacy Preserving Techniques in Data Mining
1. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 1 | P a g e Copyright@IDL-2017
Collusion Attack: A Kernel-Based Privacy
Preserving Techniques in Data Mining
Ms. HAMSA V NAYAK 1
, Dr. K THIPPESWAMY 2
Dept. of Computer Science and Engineering
1. M-Tech, Student - VTU PG Center, Mysuru, India
2. Guide & HOD - VTU PG Center, Mysuru, India
ABSTRACT- - Data leakage happens whenever a
system that is designed to be closed to an
eavesdropper reveals some information to
unauthorized parties. We know that for business
purpose, it is necessary to transfer important data
among many business partner and between the
numbers of employees. But during this transfer of
data, information is reach to unauthorized person. So it
is very challenging and necessary to find leakage and
guilty person responsible for information leakage. In
this system we find the person which is responsible for
the leakage of text as well as image file. For this we
used distributor and agent. Distributor means owner of
data and agents means trusted parties to whom we
send data. This system finds the insider collusion
attack. An insider attack is a malicious threat to an
organization that come from people within the
organization such as employees, contractor or business
associate, who have inside information concerning the
organization’s security practices, data and computer
system. The main aim of this system is to find data of
owner which is leaked and detect agent who leaked
data. Here for text data we used kernel based
algorithm and for image file we used steganography
concept.
Index Terms — Privacy preserving data mining,
insider attack, data hiding, kernel.
1. INTRODUCTION The research shows that 33
percent of information security attacks originate from
internal employee mean from the insider. Here insider
means the person working in the organization. Now,
problem of data breaching is one of the rapidly
increase type of attack. Data breach is an incident in
which sensitive, protected or confidential data has
potentially been viewed, stolen or used by an
individual unauthorized person. In proposed system
we find the attacker who carried out attack on text data
file as well as image file. Here we take excel and
access file for text data and jpeg format for image file.
To find guilty person here we used fake object, means
distributor add fake data in the original data before
distributed to agent. According to this fake data we
find guilty person. In text file we generate fake data by
using automatic fake data generator. To generate fake
data we used kernel based algorithm and for image file
we used steganography concept. Here we add fake
data behind the image therefore agent cannot see the
fake data they only see the image. Data-breaching
problems related to insider attacks are one of the
fastest growing attack types. According to the ‘2015
Verizon Data Breach Investigations Report,’’ attacks
from ‘‘insider misuse’’ have risen significantly, from
8% in 2013 to 20.6% in 2015. This near-triple rate of
increase is astonishing when one considers that this
rise has taken place over a span of only two years. As
a result of this rapid increase, insider attacks are now
among the top three types of data breaches. Insider
2. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 2 | P a g e Copyright@IDL-2017
attacks arise not from system security errors but from
staff inside the company’s enterprise data security
circles. Thus, insider attacks, because of this lack of
technical barriers, are simple to carry out successfully.
For example, in a single 10-minute phone call to an
enterprise chain store, a nontechnical employee can
provide enough data to a potential attacker for that
attacker to execute a virtual attack—or worse—an
impersonation. One call is all it takes for the system to
crumble. A company may spend huge sums of hard-
earned capital to find technical olutions to protect its
perimeter yet still find it difficult to prevent an insider
attack. Many data mining applications store huge
amounts of personal information; therefore, extensive
research has primarily focused on dealing with
potential privacy breaches. One prime area of research
in preserving privacy is the Support Vector Machine
(SVM). SVM is a very popular data mining
methodology used mainly with the kernel trick to map
data into a higher dimensional feature space as well as
maintain archives with better mining precision results.
With privacy protection in mind, Vaidya et al.
provided a state-of-the-art privacy-preserving
distributed SVM scheme to securely merge kernels.
Their proposal encoded and hid the kernel values in a
noisy mixture during transmission such that the
original data cannot be recovered even if these
distributed organizations colluded. To the best of our
knowledge, no prior work has considered a robust
pragmatic model in which ‘‘insiders within
organizations’’ collude with outsiders. Such a
pragmatic model considers the insider as the key
player in sharing data with an attacker, who can then
recover the original data from the intermediary kernel
values of the SVM model. This attack is more realistic
because the attacker needs only to obtain a few data
entries rather than the entire database from an
organization to successfully recover the rest of the
private data. A comparison between our proposed
insider collusion attack model and the present models
in the privacy preserving DKBDM area is shown in
Fig. 1.
FIGURE 1. Different attack models in DKBDM
areas.
In Fig. 1, a central cloud/transmission server and three
participant organizations (represented by squares)
cooperate with each other (represented by dashed
double-headed arrows) to perform data mining. The
black squares denote the malicious attackers, which
collude (represented by the wide solid double-headed
arrows) to deduce the private data kept by the other
participants. Fig. 1 (a) shows some organizations
colluding with each other; Fig. 1 (b) implies a
malicious cloud colluding with some participant
organizations; and Fig. 1 (c) denotes the malicious
cloud colluding with insiders within organizations
(insiders own only part of the data). Fig. 1 (c) is our
proposed attack model. In this work, we first present a
situational attack based on insider knowledge as an
illustrative example. We then proceed to analyze the
minimum amount of data required to launch an insider
attack. The minimum number is then given a degree of
capacity that characterizes a potential attacker. Finally,
we describe several privacy-preserving schemes to
deal with the above-mentioned attacks.
2. RELATED WORK
Researchers whose focus is on security breaches have
long considered insider threats as serious concerns that
need to be curtailed. However, the approach through
which this limitation ought to be implemented varies
by institution. Some important examples of insider
threat schemes are mentioned by Claycomb and Nicoll
and include the following two cases:
(1) Administrators of a rogue cloud service provider.
3. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 3 | P a g e Copyright@IDL-2017
(2) Employees in victims’ organizations who exploit
cloud weaknesses for unauthorized data access.
The first type of insider threat (1) has been addressed
most extensively by research. The other case (2),
which deals with an organizational insider who
exploits vulnerabilities through cloud services to gain
unauthorized access to organization systems and data,
is the target we seek to tackle in this study.Some
research articles such as those of Lin and Chen
propose a random transformation scheme to preserve
privacy. The process works by outsourcing the SVM
training, thereby ensuring a lack of disclosure to the
service provider of the actual content within the
database. This privacy-preserving outsourcing method
helps protect against the first type of insider threat
model mentioned above (1). Other articles such as
those by Goryczka et al. propose an ‘‘m-privacy’’
technique, which deals with the so-called ‘‘m-
adversary’’ insider attack. This attack is carried out by
an outsider who colludes with m data providers
(insiders), allowing inferences about other pieces of
information from k-anonymized data. However, their
method is limited to and works only for the k-
anonymity privacy model. The k-anonymity privacy
model is a privacy-preserving data publishing scheme
that works to reduce the granularity of data
representation such that any given record becomes
indistinguishable by mapping it to a number of records
(‘k’) in the data. The ‘‘m-privacy’’ approach is
orthogonal to our proposed method. Our method is a
secure multiparty computation (SMC) scheme for
distributed data mining. In this type of method,
different parties cooperatively train the model for data
mining tasks without revealing the actual data to each
other. A distinction between prior work in this area
and that of our model is that their insider collusion
attack models are defined either as collusion between
collaborative organizations or collusion between the
cloud and participant organizations, as shown in Fig. 1
(a) (b), while our model considers insiders within
organizations as the key contributors for collusion
with outsiders, as shown in Fig. 1 (c).
FIGURE 2. After the kernel mapping, nonlinear
separable data can become a linear classification case
in a higher dimensional space.
There are several systems for implementing this
scheme; however, our focus is on those systems that
use kernel values (instead of original data) as the most
basic computing unit. For example, Vaidya et al.
propose a privacy-preserving distributed SVM method
for securely merging kernels. Navia-Vázquez et al.
propose a distributed semiparametric support vector
machine (DSSVM) using kernels as basic units to
reduce the communication information. Gönen et al.
propose a multiple kernel machine learning model that
describes the kernel as being a basic computing unit
capable of possibly merging different types of kernel
functions.
We will provide more detail about these proposals in
the next section.
One of the remarkable features of this type of system
is that data can be hidden in the kernel value safely.
It does this by first performing the kernel computation
and then, transforming every pair of the original data
(two vectors) into a kernel value (a single number). In
this new format, no one can obtain the original data
vectors of ‘‘a single number,’’
e.g., for two data vectors
x1 = [1, 3, 7] and
x5 = [2, 5, 8], their linear kernel value
K15 = x1 · x5 =[1, 3, 7] · [2, 5, 8] = 1 ∗ 2 + 3 ∗ 5 + 7 ∗
8 = 73.
It is impossible for anyone who knows only the value
of K15 to obtain the content of x1 and x5.
3. INSIDER COLLUSION ATTACK IN A
KERNEL-BASED DATA MINING SYSTEM
First, we will illustrate in detail the privacy breach
scenario through an example. As shown in Fig. 3,
4. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 4 | P a g e Copyright@IDL-2017
there are three roles: the SVM server, hospitals
(organizations), and patients (members of
organization). The SVM server provides the SVM
service, which builds a global SVM model and
performs classification. Organizations in this example
are represented by three hospitals, which store their
patient records separately. Organizations such as
hospitals apply an SVM service to their data for data
analysis. Some of the members are labeled as patients,
while others consist of staff including doctors and
nurses, each of whom has a part of the overall patient
data records. Some members are insiders, who may
then collude with outsiders to launch attacks. For
example, a member within an organization such as an
irresponsible doctor may sell patient records to
outsiders. In such a situation, the semi-trusted SVM
server acts as an outside attacker, attempting to
acquire the entire private patient data with the help of
the portion of the patients’ records already obtained
from the doctor.
3.1 THREAT MODEL
There are three players in the investigated threat
scenario:
1. Data Owners—Organizations or Clients: These
organizations own the data and can be trusted. In a
distributed computing environment, they may also
participate in data mining tasks.
2. Insiders: Members within the data owner’s
organization are semi-trusted. They may leak their
own data to outsiders. The insiders leak nothing but
the data content. For example, the data indices do not
need to be leaked.
3. Outsider: The entity does not belong to the data
owner’s organization. This group is semi-trusted and
may collude with insiders. In a distributed
environment, the data mining server, which
coordinates sharing among the different subset of
affiliate groups, may act as a potential outsider. This
outsider (e.g. data mining server) knows the
parameters of the mining data, but does not have
access to the data content because that has been
packed into a kernel format, as described in the
following section.
3.2 THE STATE-OF-THE-ART PRIVACY-
PRESERVING COOPERATIVE SVM SYSTEM
For a simple explanation, we look to Vaidya’s state-
of-the-art privacy-preserving SVM System (PPSVM).
In particular, we look at the modified version of Que
et al., which adds a coordinate server to the PPSVM
system to illustrate the implementation of this type of
cooperative SVM system. We also use this example
system to introduce our proposed insider attacking
scheme in Sections 3.1 to 3.3. PPSVM has the
following three procedures: Procedure 1 (Local Kernel
Matrix Calculation): Organizations use local data to
build a global SVM model in the SVM server from
vertically partitioned data. As shown in Fig. 4, from
the high-level point of view, the entire set of vertically
partitioned data records means that for the whole data
matrix, with m features and n records, each vertical
slice represents a different hospital’s data. As shown
in Fig. 5, Vaidya’s local kernel-merging theorem
presents relationships in equations (1) and (2), where
xi and xj denote two different patient data records, x r i
means the part of xi stored in the hospital r, K r ij
stands for the local kernel value computed by data
vectors.
Xr
i and Xr
i of the hospital r, as shown in equation (3),
and z is the total number of hospitals. Equations (1)
and (2) work for not only linear kernel but also
polynomial kernel and RBF kernel. The reason is that
both the polynomial kernel (c.f. equation (4)) and RBF
kernel (c.f. equation (5)) can be represented as a dot
product of data vectors. In equations (4) and (5), b is
the bias, p is a power number and g is a gamma
parameter.
4. THE PRIVACY-PRESERVING METHODS
The key to successfully countering the proposed attack
with insider collusion lies in preventing the
satisfaction of the privacy breach rule described in
Section 3.4. In the following two sections we describe
our two proposed methods that can effectively counter
such attacks.
5. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 5 | P a g e Copyright@IDL-2017
4.1 REDUCING THE NUMBER OF THE
INSIDERS
The first method involves reducing the total number of
insiders until it becomes smaller than the number of
data dimensions. The questions that then come to mind
are: How can we evaluate the number of insiders? and
How can we then identify the insiders to reduce their
numbers? There have been several related research
discussions regarding this process. We add our
proposed method of identifying the insiders to these as
described below. Catching Insiders based on Temporal
Events First, we add an additional dimension of data
in every data record. This extra dimensional data will
be used in kernel computation. We assume that this
extra dimensional data will not complicate the SVM
classification result too much. The lack of
complication is supposed because the extra
dimensional data are obtained from preclustering
results performed by using clustering schemes such as
a self-organizing map on the existing dataset. These
schemes can map the original data to very low
dimensions as a ‘‘thumbnail’’ of the dataset.
4.2 EXPANDING THE DIMENSION OF THE
DATA
The second method to counter the attack is to expand
the dimension of the dataset, making it larger than the
number of insider. Any method of data dimension
expansion that does not involve loss of accuracy can
be used here. In this section, we use our proposed
novel geometric transform because its privacy-
preserving property enhances the complexity for
malicious attackers. The basic idea of the method is to
map a line x to a random curve (x, y), that transforms
the data mapped from a 1-dimensional space to a 2-
dimensional space with some random perturbations.
The mapping function is given in equation (22), where
Dj is a 1-dimensional vector, D is its transformed 2-
dimensional vector, Dj(i) is the i-th element of vector
Dj , and D ̄ j is the normalized result of Dj . Here, k
and θ are random parameters for preserving privacy.
Initially there are two clusters of data in 1 dimension,
where one cluster has values distributed between
−0.15 and −0.95, denoted by ‘‘o’’ and colored in blue.
The other cluster has values distributed between 0.05
and 0.85, denoted by ‘‘x’’ and colored in red.
5 CONCLUSION
In this paper, we propose an insider collusion attack
that is a threat to most data mining systems that
operate on kernels and discuss how many insiders are
sufficient to launch this type of attack. We also present
two privacy-preserving methods to defend against the
attack. Finally, experimental results are provided to
prove the effectiveness of the proposed attack and
defense schemes. Note that our proposed attack
scheme is not only applicable to the vertically
partitioned data but also applicable to horizontally
partitioned data and arbitrarily partitioned data; as
long as every kernel value is composed of two data
vectors and stored in a kernel matrix, our proposed
method can reverse those kernel values back to the
original data. In fact, most data mining systems
operating on kernel computation especially those in a
distributed environment—are potential victims of the
proposed attack. In the future work, we will discuss
whether the privacy breach rule described in Section
3.4 can be relaxed, such that even though the exact
recovery is not possible, but the attacker can identify
the subspace of the private information (corresponding
to many solutions to the set of linear equations).
Under this situation, how to evaluate the security level
of the system? The scope of this paper is limited to
non-homomorphic encryption methods. The main
reason for this is that, until now, homomorphic
encryption systems have been too slow to be practical.
However, if we consider homomorphism encryption
based systems such as, we believe that the proposed
insider threats could lead to a known-plaintext attack,
as described in. Of course, we plan to address this
issue in future work.
REFERENCES
[1] 2015 Verizon Data Breach Investigations Report,
Verizon, Bedminster, NJ, USA, 2015.
[2] L. Xu, C. Jiang, J. Wang, J. Yuan, and Y. Ren,
‘‘Information security in big data: Privacy and data
6. IDL - International Digital Library Of
Technology & Research
Volume 1, Issue 5, May 2017 Available at: www.dbpublications.org
International e-Journal For Technology And Research-2017
IDL - International Digital Library 6 | P a g e Copyright@IDL-2017
mining,’’ IEEE Access, vol. 2, pp. 1149–1176, Oct.
2014.
[3] C. C. Aggarwal and P. S. Yu, ‘‘A general survey
of privacy-preserving data mining models and
algorithms,’’ in Privacy-Preserving Data Mining
Models and Algorithms. USA: Springer, 2008, pp. 10–
52.
[4] J. Vaidya, H. Yu, and X. Jiang, ‘‘Privacy-
preserving SVM classification,’’ Knowl. Inf. Syst.,
vol. 14, no. 2, pp. 161–178, Feb. 2008.
[5] J. Que, X. Jiang, and L. Ohno-Machado, ‘‘A
collaborative framework for distributed privacy-
preserving support vector machine learning,’’ in Proc.
AMIA Annu. Symp., 2012, pp. 1350–1359. [Online].
Available: http://privacy.ucsd.edu:8080/ppsvm/
[6] S. Hartley, Over 20 Million Attempts to Hack into
Health Database. Auckland, New Zealand: The New
Zealand Herald, 2014.
[7] W. R. Claycomb and A. Nicoll, ‘‘Insider threats to
cloud computing: Directions for new research
challenges,’’ in Proc. IEEE 36th Annu. Comput.
Softw. Appl. Conf. (COMPSAC), Jul. 2012, pp. 387–
394.
[8] P. Gaonjur and C. Bokhoree, ‘‘Risk of insider
threats in information technology outsourcing: Can
deceptive techniques be applied?’’ in Proc. Int. Conf.
Secur. Manage. (SAM), Las Vegas, NV, USA, Jun.
2006.
[9] S. Furnell and A. H. Phyo, ‘‘Considering the
problem of insider IT misuse,’’ Austral. J. Inf. Syst.,
vol. 10, no. 2, pp. 134–138, 2003.
[10] G. B. Magklaras and S. M. Furnell, ‘‘The insider
misuse threat survey: Investigating IT misuse from
legitimate users,’’ in Proc. Austral. Inf. Warfare Secur.
Conf., Perth, WA, Australia, 2004, pp. 1–9.
[11] Cloud Security Alliance (CSA). (2010). Top
Threats to Cloud Computing, Version 1.0. [Online].
Available: https://cloudsecurityalliance.org/contact/
[12] K. Chen and L. Liu, ‘‘Geometric data
perturbation for privacy preserving outsourced data
mining,’’ Knowl. Inf. Syst., vol. 29, no. 3, pp. 657–
695, Dec. 2011.