Our journal has become is a renowned international journal that operates on a monthly basis. It embraces the principles of open access, peer review, and full refereeing to ensure the highest standards of scholarly communication stands as a testament to the commitment of the global scientific community towards advancing research, promoting interdisciplinary collaborations, and enhancing academic excellence.
Study and Analysis of Big Data Security Analytics for Protecting Cloud Based ...ijtsrd
In cloud computing virtualized infrastructures has become a stimulating target for cyber attackers to initiate advance attacks. The motive of this work may be a narrative huge knowledge primarily based security analytics approach to get advanced attacks in virtualized infrastructures. User application logs and network logs collected consistently from the tenant virtual machines VMs are saved within the Hadoop Distributed File system HDFS . Extraction of attack features is performed through graph based event correlation and Map Reduce parser based identification of potential attack paths. Two step machine learning approaches logistic regression and belief propagation are used to perform the determination of attack presence. Hilal Ahmad Khan | Gurinder Pal "Study and Analysis of Big Data Security Analytics for Protecting Cloud Based Virtualized Infrastructures" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-1 , December 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29709.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29709/study-and-analysis-of-big-data-security-analytics-for-protecting-cloud-based-virtualized-infrastructures/hilal-ahmad-khan
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
This paper describes the concept of implementing the network vulnerability assessment process as a web service in Eucalyptus cloud.This paper is published in one of the international conferences.I implemented the mentioned concept during my M.E. thesis.
Study and Analysis of Big Data Security Analytics for Protecting Cloud Based ...ijtsrd
In cloud computing virtualized infrastructures has become a stimulating target for cyber attackers to initiate advance attacks. The motive of this work may be a narrative huge knowledge primarily based security analytics approach to get advanced attacks in virtualized infrastructures. User application logs and network logs collected consistently from the tenant virtual machines VMs are saved within the Hadoop Distributed File system HDFS . Extraction of attack features is performed through graph based event correlation and Map Reduce parser based identification of potential attack paths. Two step machine learning approaches logistic regression and belief propagation are used to perform the determination of attack presence. Hilal Ahmad Khan | Gurinder Pal "Study and Analysis of Big Data Security Analytics for Protecting Cloud Based Virtualized Infrastructures" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-4 | Issue-1 , December 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29709.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/29709/study-and-analysis-of-big-data-security-analytics-for-protecting-cloud-based-virtualized-infrastructures/hilal-ahmad-khan
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Challenges and Mechanisms for Securing Data in Mobile Cloud Computingijcnes
Cloud computing enables users to utilize the services of computing resources. Now days computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing can not be overlooked. Cloud service providers offers the services for the data request in a remote server. Virtualization aspect of cloud computing in mobile applications felicitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications aggravated with various security problems. This paper addresses challenges in securing data in cloud for mobile Cloud computing and few mechanisms to overcome.
This paper describes the concept of implementing the network vulnerability assessment process as a web service in Eucalyptus cloud.This paper is published in one of the international conferences.I implemented the mentioned concept during my M.E. thesis.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Building a Distributed Secure System on Multi-Agent Platform Depending on the...CSCJournals
Today, applications in mobile multi-agent systems require a high degree of confidence that running code inside the system will not be malicious. Also any malicious agents must be identified and contained. Since the inception of mobile agents, the intruder has been addressed using a multitude of techniques, but many of these implementations have only addressed concerns from the position of either the platform or the agents. Very few approaches have undertaken the problem of mobile agent security from both perspectives simultaneously. Furthermore, no middleware exists to facilitate provisioning of the required security qualities of mobile agent software while extensively focusing on easing the software development burden. The aim is to build a distributed secure system using multi-agents by applying the principles of software engineering. The objectives of this paper is to introduce multi agent systems that enhance security rules through the access right to building a distributed secure system integrating with principles of software engineering system life cycle, as well as satisfy the security access right for both platform and agents to improve the three characteristics of agents adaptively, mobility and flexibility. This project based on the platform of PHP and MYSQL (Database) which can be presented in a website. The implementation and test are applied in both Linux and Windows platforms, including Linux Red Hat 8, Linux Ubuntu 6.06 LTS and Microsoft Windows XP Professional. Since PHP and MySQL are available in almost all operating systems, the result could be tested the platform as long as PHP and MySQL configuration is available. PHP5 and the MySQL (database) software are used to build a secure website. Multiple techniques of security and authentications have been used by multi-agents system. Secure database is encrypted by using md5. Also satisfy the characteristics for security requirements: confidentiality (protection from disclosure to unauthorized persons), integrity (maintaining data consistency) and authentication (assurance of identity of person or originator of data).
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages like utility computing model but the design in not flawless and hence suffers from not only many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. To provide secure and reliable services in cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentIJTET Journal
Abstract— Cloud computing is so named for the reason that the information being accessed is found in the "clouds", it
does not entail a user to be in a precise place. Organizations found that cloud computing allows them to diminish the cost
of information management, in view of the fact that they are not obligatory to own their own servers. They can use
capacity leased from third parties. It is more important to store and to secure the data in the cloud. It plays a vital role in
the cloud. The data that can be secured by implementing SVAC (Security Virtualization Architecture for Cloud) Firewall
in the virtual environment. An effectual firewall security has been implemented for jamming and filtering the superfluous
requests coming from the clients prior to the request move towards the virtual machine. Next step is to secure the users.
During the demand dispensation, if the abuser requests the sophisticated of information from the cloud, then based on the
compensation prepared by the cloud client, they can access the data from the cloud server. This paper shows the
architecture and the unwanted request can be restricted through SVAC firewall also how the high level of data that can be
accessed by the highly authorized user.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the user’s record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
SECURITY AND PRIVACY OF SENSITIVE DATA IN CLOUD COMPUTING: A SURVEY OF RECENT...cscpconf
Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-of-the-art projects on cloud security and privacy. We categorize the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the existing developments in privacy-preserving sensitive data approaches in cloud computing such as privacy threat modeling and privacy enhancing protocols and solutions.
Security and Privacy of Sensitive Data in Cloud Computing : A Survey of Recen...csandit
Cloud computing is revolutionizing many ecosystems by providing organizations with
computing resources featuring easy deployment, connectivity, configuration, automation and
scalability. This paradigm shift raises a broad range of security and privacy issues that must be
taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud
computing environments. This paper reviews the existing technologies and a wide array of both
earlier and state-of-the-art projects on cloud security and privacy. We categorize the existing
research according to the cloud reference architecture orchestration, resource control, physical
resource, and cloud service management layers, in addition to reviewing the existing
developments in privacy-preserving sensitive data approaches in cloud computing such as
privacy threat modeling and privacy enhancing protocols and solutions.
Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...AM Publications
This paper analysis vulnerability of known attacks on WLAN cipher suite, authentication mechanisms and credentials using common vulnerability scoring system (CVSS).
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.
https://jst.org.in/index.html
Our journal has academic journals form a crucial nexus. Educators leverage the latest research findings to enrich their teaching methodologies, ensuring that students are exposed to the most current and relevant information. Simultaneously, these educators contribute to the body of knowledge through their own research, creating a perpetual cycle of growth.
https://ijaast.com/index.html
Our journal has open-access nature of IJAAST fosters global collaboration. Researchers from diverse geographical locations can engage with and build upon each other's work, transcending borders to collectively address the challenges and opportunities in agricultural science and technology.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Building a Distributed Secure System on Multi-Agent Platform Depending on the...CSCJournals
Today, applications in mobile multi-agent systems require a high degree of confidence that running code inside the system will not be malicious. Also any malicious agents must be identified and contained. Since the inception of mobile agents, the intruder has been addressed using a multitude of techniques, but many of these implementations have only addressed concerns from the position of either the platform or the agents. Very few approaches have undertaken the problem of mobile agent security from both perspectives simultaneously. Furthermore, no middleware exists to facilitate provisioning of the required security qualities of mobile agent software while extensively focusing on easing the software development burden. The aim is to build a distributed secure system using multi-agents by applying the principles of software engineering. The objectives of this paper is to introduce multi agent systems that enhance security rules through the access right to building a distributed secure system integrating with principles of software engineering system life cycle, as well as satisfy the security access right for both platform and agents to improve the three characteristics of agents adaptively, mobility and flexibility. This project based on the platform of PHP and MYSQL (Database) which can be presented in a website. The implementation and test are applied in both Linux and Windows platforms, including Linux Red Hat 8, Linux Ubuntu 6.06 LTS and Microsoft Windows XP Professional. Since PHP and MySQL are available in almost all operating systems, the result could be tested the platform as long as PHP and MySQL configuration is available. PHP5 and the MySQL (database) software are used to build a secure website. Multiple techniques of security and authentications have been used by multi-agents system. Secure database is encrypted by using md5. Also satisfy the characteristics for security requirements: confidentiality (protection from disclosure to unauthorized persons), integrity (maintaining data consistency) and authentication (assurance of identity of person or originator of data).
A Collaborative Intrusion Detection System for Cloud Computingijsrd.com
Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages like utility computing model but the design in not flawless and hence suffers from not only many known computer vulnerabilities but also introduces unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. To provide secure and reliable services in cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks through providing timely notifications about new intrusions to Cloud users' systems. To provide such ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
Single Sign-on Authentication Model for Cloud Computing using KerberosDeepak Bagga
ABSTRACT
In today’s organizations need for several new resources and storage requirements for terabytes of data is generated every day. Cloud computing provides solution for this in a cost effective and efficient manner. Cloud computing provides on demand resources as services to clients. Cloud is highly scalable and flexible. Although it is benefiting the clients in several ways but as data is stored remotely it has many security loopholes like attacks, data lose, other security and authentication issues. In this paper we are proposing an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to prevent against DDOS attacks. This model can benefit by filtering against unauthorized access and to reduce the burden, computation and memory usage of cloud against authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we will see some of the related work for cloud security issues and attacks. Then in next section we will discuss the proposed architecture, its working and sequential process of message transmission. Next we will see how it can prevent against DDOS attacks, some benefits and how it provides single sign-on.
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentIJTET Journal
Abstract— Cloud computing is so named for the reason that the information being accessed is found in the "clouds", it
does not entail a user to be in a precise place. Organizations found that cloud computing allows them to diminish the cost
of information management, in view of the fact that they are not obligatory to own their own servers. They can use
capacity leased from third parties. It is more important to store and to secure the data in the cloud. It plays a vital role in
the cloud. The data that can be secured by implementing SVAC (Security Virtualization Architecture for Cloud) Firewall
in the virtual environment. An effectual firewall security has been implemented for jamming and filtering the superfluous
requests coming from the clients prior to the request move towards the virtual machine. Next step is to secure the users.
During the demand dispensation, if the abuser requests the sophisticated of information from the cloud, then based on the
compensation prepared by the cloud client, they can access the data from the cloud server. This paper shows the
architecture and the unwanted request can be restricted through SVAC firewall also how the high level of data that can be
accessed by the highly authorized user.
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
Cloud computing is an important transition that makes change in service oriented computing
technology. Cloud service provider follows pay-as-you-go pricing approach which means consumer uses as
many resources as he need and billed by the provider based on the resource consumed. CSP give a quality of
service in the form of a service level agreement. For transparent billing, each billing transaction should be
protected against forgery and false modifications. Although CSPs provide service billing records, they cannot
provide trustworthiness. It is due to user or CSP can modify the billing records. In this case even a third party
cannot confirm that the user’s record is correct or CSPs record is correct. To overcome these limitations we
introduced a secure billing system called THEMIS. For secure billing system THEMIS introduces a concept of
cloud notary authority (CNA). CNA generates mutually verifiable binding information that can be used to
resolve future disputes between user and CSP. This project will produce the secure billing through monitoring
the service level agreement (SLA) by using the SMon module. CNA can get a service logs from SMon and stored
it in a local repository for further reference. Even administrator of a cloud system cannot modify or falsify the
data.
SECURITY AND PRIVACY OF SENSITIVE DATA IN CLOUD COMPUTING: A SURVEY OF RECENT...cscpconf
Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-of-the-art projects on cloud security and privacy. We categorize the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the existing developments in privacy-preserving sensitive data approaches in cloud computing such as privacy threat modeling and privacy enhancing protocols and solutions.
Security and Privacy of Sensitive Data in Cloud Computing : A Survey of Recen...csandit
Cloud computing is revolutionizing many ecosystems by providing organizations with
computing resources featuring easy deployment, connectivity, configuration, automation and
scalability. This paradigm shift raises a broad range of security and privacy issues that must be
taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud
computing environments. This paper reviews the existing technologies and a wide array of both
earlier and state-of-the-art projects on cloud security and privacy. We categorize the existing
research according to the cloud reference architecture orchestration, resource control, physical
resource, and cloud service management layers, in addition to reviewing the existing
developments in privacy-preserving sensitive data approaches in cloud computing such as
privacy threat modeling and privacy enhancing protocols and solutions.
Vulnerability Analysis of 802.11 Authentications and Encryption Protocols: CV...AM Publications
This paper analysis vulnerability of known attacks on WLAN cipher suite, authentication mechanisms and credentials using common vulnerability scoring system (CVSS).
Establishing applications on on-demand infrastructures rather of building applica-tions on fixed and rigid infrastructures was provided by cloud computing provides. By merely exploiting into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). The more and more information is placed into the cloud by someone and initiatives, security issues begins to develop and raised. This paper discusses the different security issues that rise up about how secure the mo-bile cloud computing environment.
https://jst.org.in/index.html
Our journal has academic journals form a crucial nexus. Educators leverage the latest research findings to enrich their teaching methodologies, ensuring that students are exposed to the most current and relevant information. Simultaneously, these educators contribute to the body of knowledge through their own research, creating a perpetual cycle of growth.
https://ijaast.com/index.html
Our journal has open-access nature of IJAAST fosters global collaboration. Researchers from diverse geographical locations can engage with and build upon each other's work, transcending borders to collectively address the challenges and opportunities in agricultural science and technology.
https://jst.org.in/index.html
Our journal has serves as a beacon for scholars and practitioners alike, delving into the intricacies of next-generation technologies that promise to reshape the world. From artificial intelligence and renewable energy to advanced materials and beyond, we are at the forefront of engineering's evolution.
https://ijaast.com/index.html
Our journal has increasing flow of scholarly research articles finds a dedicated channel in IJAAST. By offering a consistent platform, the journal facilitates the seamless flow of knowledge, contributing to the intellectual growth of the agricultural science and technology community.
https://ijaast.com/index.html
Our journal has transcends traditional boundaries by embracing a multi-disciplinary approach. The journal serves as a melting pot for diverse research areas within agricultural science and technology, ensuring a holistic exploration of the subject.
https://jst.org.in/index.html
Our journal has foster a sense of community among researchers, scholars, and academics. They provide a space for intellectual exchange, allowing scholars to engage with each other's work, provide constructive feedback, and build upon existing knowledge.
https://ijaast.com/index.html
Our journal has we providing a robust platform for scholarly discourse, IJAAST contributes to the nurturing of future innovations. The journal's role in disseminating novel ideas, methodologies, and findings serves as a catalyst for pushing the boundaries of what is possible in agricultural research.
https://ijaast.com/index.html
Our journal has stands as a beacon of excellence in the realm of agricultural research. With its multi-disciplinary focus, commitment to peer-reviewed excellence, and open-access philosophy, IJAAST is not merely a journal; it is a dynamic hub driving the evolution of agricultural science and technology.
https://ijaast.com/index.html
Our journal has dynamic realm of agricultural science and technology, staying abreast of the latest research findings is crucial for professionals, scholars, and enthusiasts alike. IJAAST transcends traditional boundaries by embracing a multi-disciplinary approach.
https://jst.org.in/index.html
Our Journal has stand as pillars, providing a crucial medium for the advancement and dissemination of research results. This blog post explores the pivotal role these journals play in supporting high-level learning, teaching, and research.
https://jst.org.in/index.html
Our journal has a academic journals is the peer-review process. Before an article is published, it undergoes rigorous scrutiny by experts in the field. This ensures the quality and validity of the research, maintaining a high standard of academic integrity.
https://utilitasmathematica.com/index.php/Index
Our Journal has a exploring partnerships and initiatives to provide training and resources to researchers, reviewers, and editors on issues related to JEDI in statistics. Journal has implemented rigorous editorial practices to ensure that published research adheres to JEDI principles.
Our journal has a academic journals form a crucial nexus. Educators leverage the latest research findings to enrich their teaching methodologies, ensuring that students are exposed to the most current and relevant information. Simultaneously, these educators contribute to the body of knowledge through their own research, creating a perpetual cycle of growth.
https://utilitasmathematica.com/index.php/Index
Our journal has academic and professional communities fosters collaboration and knowledge sharing. When all voices are heard and respected, it strengthens the collective capabilities of the statistical community.
https://jst.org.in/index.html
Our journal has academic journals are not mere repositories of information; they are dynamic entities that breathe life into the academic world. They provide a stage for the drama of ideas, where researchers, educators, and learners converge to push the boundaries of knowledge.
https://jst.org.in/index.html
Our journal Research Knowledge and experience exchange increases social, economic and cultural growth, higher education, career and commercial prospects relevant to members of the department and its surrounding area. And it's journal publishes research papers in the fields of science and technology such as Astronomy and astrophysics, Chemistry, Earth and atmospheric sciences, Physics, Biology in general.
https://utilitasmathematica.com/index
Our Journal has we strive to minimize barriers to access and participation, ensuring that opportunities within the statistical community are available to all, regardless of background. This includes addressing issues such as language barriers, geographical disparities, and financial constraints that may limit access to statistical education and resources.
https://jst.org.in/index.html
Our journal has stands as a beacon of excellence in the field, fostering a culture of high-quality research and unwavering commitment to academic integrity. As research continues to push the boundaries of what's possible, peer review remains an essential tool in ensuring that we continue to progress responsibly and ethically in the realms of science and technology.
https://jst.org.in/index.html
Our journal has Numbers tell stories, and in the world of research and development, mathematics is the universal language. Join us as we explore the elegant equations and mathematical models that underpin technological advancements and scientific breakthroughs.
https://jst.org.in/index.html
Our journal has digital transformation, effective management strategies are crucial. Our pages unfold discussions on navigating the complexities of modern business landscapes, strategic decision-making, and adaptive leadership—essential elements for success in the 21st century.
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
original research papers
1. www.jst.org.in 42 | Page
Journal of Science and Technology (JST)
Volume 2, Issue 5, Sep - October 2017, PP 42-46
www.jst.org.in ISSN: 2456 - 5660
Protecting Virtualized Infrastructures in Cloud Computing
Based On Big Data Security Analytics
Deshpande Chandrika1
, Dr. M. Sreedhar Reddy2
1
(Department of CSE Samskruti College of Engineering and TechnologyKondapur, Ghatkesar,Hyderabad)
1
(Department of CSE Samskruti College of Engineering and TechnologyKondapur, Ghatkesar,Hyderabad)
Abstract : Virtualized infrastructure in cloud computing has become an attractive target for cyber attackers to
launch advanced attacks. This paper proposes a novel big data based security analytics approach to detecting
advanced attacks in virtualized infrastructures. Network logs as well as user application logs collected
periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS).
Then, extraction of attack features is performed through graph-based event correlation and MapReduce parser
based identification of potential attack paths. Next, determination of attack presence is performed through two-
step machine learning, namley logistic regression is applied to calculate attack’s conditional probabilities with
respect to the attributes, andbelief propagation is applied to calculate the belief in existence of an attack based
on them. Experiments are conducted to evaluate the proposed approach using well-known malware as well as in
comparison with existing security techniques for virtualized infrastructure. The results show that our proposed
approach is effective in detecting attacks with minimal performance overhead.
Keywords – HDFS, VM
I. INTRODUCTION
The three data driven platforms which have evolved since the advancement and origin of the Internet
are Cloud Computing, Big Data and Virtualization. They continue to dominate the control, flow, and
preservation of the data for many large scale and various other enterprises.Cloud Computing or („the Cloud‟) is
a term that describes the collaboration, agility, scaling and availability. It provides for the cost reduction carried
out through optimized and efficient computing [1]. The Cloud Computing environment is classified based upon
its essential characteristics, three services models, and four deployment models, by the National Institute of
Standards and Technology (NIST) [2]. The functionalities carried out by the Cloud, associated with an
enterprise make it more vulnerable to attacks and breach in its security and privacy, thus making it an important
asset to be protected.Big Data , as the name suggests is large amounts of data collected, processed and stored.
The Big Data is classified based upon the four V‟s abbreviation. The four V‟s are: Volume, Velocity, Variety
and Veracity [3]. Big Data analytics contain metadata and can be used to expose the privacy of an individual or
any organization, security measures for the same need to be constructed.Virtualization infrastructure and the
technology associated with it is developing a fast recognition in the industry. Virtualization is the process in
which the virtual machine is created, and it generates a dual operating system environment setup on a single
operating system. Fedora [4] is an example of a distro of the Linux operating system which can be installed on a
virtual machine platform like VMWare [5] or Oracle Virtual Box [6] , and thus the Linux based operating
system can be utilized on a Microsoft Windows running machine. The main idea of this paper is to put a
limelight on the present security measures available to these information processing platforms and to put forth
some ideas which can be implemented to provide additional protection and security to this data in order to
maintain the consistency and integrity of the data.
II. S ECURITY OF THE CLOUD
The National Institute of Standards and Technology (NIST) defines Cloud Computing as, “Cloud
computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of
configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be
rapidly provisioned and released with minimal management effort or service provider interaction”[7].
A. Cloud Platforms The Cloud Computing platform can be further categorized by the services it offers and the
models on which it can be deployed [8], [9]
• Infrastructure as a Service (IaaS) This is the platform that provides virtualized resources, storage and network
connectivity to the users. Users are eligible to scale these resources on demand. IaaS maybe used as a high level
cloud system. Common examples of this services are, Amazon EC2, GoGrid, Microsoft Azure.
• Platform as a Service (PaaS) It is the platform that provides development and virtualized resources which
contain enhanced programming platform elements. It also supports geographically distribution of developers
which contribute towards the development of the platform. Amazon Map Reduce/Simple storage, Google App
Engine and Heroku are some of the examples of PaaS.
2. www.jst.org.in 43 | Page
Journal of Science and Technology
• Software as a Service (SaaS) The most advanced platform of Cloud Computing, it provides an on-demand
access to the services mostly located on the web browser or the computer network. The features are available
more frequently and moreover no license has to be purchased. Due to its easy availability, the SaaS platform can
be integrated easily with mashup applications. Google Maps, Salesforce.com are some prominent examples.
III.LITERATURE REVIEW
Malware detection in virtualised infrastructure
Malware refers to any executable which is designed to compromise the integrity of the system on
which it is run. There are two prominent approaches to malware detection in cloud computing, namely in-VM
and outside-VM interworking approach and hypervisor-assisted malware detection.
In-VM and outside-VM interworking approach to malware detection
In-VM and outside-VM interworking detection consists of an in-VM agent running within the guest VM, and a
remotescrutiny server monitoring the VM‟s behaviour. When a potential malware execution is detected the in-
VM agentsends the suspicious executable to the scrutiny server, which then uses the signature database to verify
malware presence or otherwise and then informs the in-VM agent of the results. CloudAV, a cloud-based
malware detection system featuring multiple antivirus engines, employs in-VM and outside-VM interworking
approach to protect the guest VMs against attacks [4]. Apparently the effectiveness of this scheme depends on
the frequency at which the virus signatures are updated by the antivirus vendors. The in-VM and outside-VM
interworking approach is also used by CuckooDroid, to detect mobile malware presence on Android devices [5].
It consists of an in-device agent which scans executables on the device and sends any suspicious executable to a
remote scrunity server which runs a hybrid of anomaly-based and signature-based malware detectors. The
scheme first extracts malware features by using static as well as dynamic analysis on malware apps. The
obtained features are then used to train a one-class SVM (Support Vector Machine) classifier for anomaly-based
detection. Implemented on an emulated Android platform, CuckooDroid achieved a detection accuracy of 98.84
%.
Hypervisor-assisted malware detection
Hypervisor-assisted malware detection, on the other hand, uses the underlying hypervisor to detect malware
within
the guest VMs. A hypervisor-assisted malware detection scheme is designed in [6] to detect botnet activity
within the guest VMs. The scheme installs a network sniffer on the hypervisor to monitor external traffic as well
as inter-VM traffic. Implemented on Xen, it is able to detect the presence of the Zeus botnet on the guest VMs.
A hypervisor-assisted detection scheme is proposed in [7] using guest application and network flow
characteristics. This scheme first uses LibVMI to extract key process features from the processes running within
VMs and then uses tcpdump together with the CoralReef network packet analysis tool from CAIDA (Center for
Applied Internet Data Analysis) to extract network flow features. The obtained features are then used to train
one-class SVM classifiers to detect malware presence within guest VMs. Implemented on KVM, the scheme is
able to detect well-known DDoS (Distributed Denial of Service) and botnet attacks such as LOIC (Low Orbit
Ion Cannon) and Zeus. The hypervisor-assisted detection is also used in Access- Miner [8]. Implemented as a
custom hypervisor, Access- Miner monitors normal user behavior within the system and creates access activity
models which are used for anomalybased malware detection. To ensure that the underlying hardware is
protected, it intercepts the guest system call requests and uses a policy checker module to determine if it should
access the system resource.
Security Analytics
Security Analytics refers to the application of analytics in the context of cybersecurity [9]. Based on a variety of
datacollected from different points within an enterprise network, security analytics aims to detect previously
undiscovered threats by use of analytic techniques. Common techniques of security analytics include clustering
and graph-based event correlation.
Clustering for security analytics
Clustering organises data items in an unlabeled dataset into groups based on their feature similarities [10]. For
security analytics, clustering finds a pattern which generalises the characteristics of data items, ensuring that it is
well generalized to detect unknown attacks. Examples of clusterbased classifiers include K-means clustering
and k-nearest neighbors, which are used in both intrusion detection and malware detection. Clustering is used
for security analytics for industrial control systems [11] in an NCI (networked critical infrastructure)
environment. First, data outputs from various network sensors are arranged as vectors and K-means clustering is
applied to group the vectors into clusters. The MapReduce model is then applied to the grouped clusters to find
groupings of possible attack behaviour, thus allowing the detection to be carried out efficiently. In [12] an
“attack pyramid” -based scheme is proposed to detect APTs (advanced persistent threats) in a large enterprise
network environment. Based on threat tree modeling, different planes (namely hardware, user, network,
application)
3. www.jst.org.in 44 | Page
Journal of Science and Technology
to which an attack may be launched are placed hierarchically with the end goal placed at the top. First, outputs
from all available sensors in the network (e.g., network logs, execution traces, etc) are put into contexts. Then,
in terms of the contexts various suspicious activities detected at each attack plane are correlated in a MapReduce
model, which takes in all the sensor outputs and generates an event set describing potential APTs. Finally, an
alert system determines attack presence by calculating the confidence levels of each correlated event. SINBAPT
(Security Intelligence techNology for Blocking APT) [13] uses big data processing such as HDFS and
MapReduce together to detect the presence of APTs in an enterprise network environment. Used for anomaly-
based detection, the scheme collects log data from different sources (e.g., Netflow, application logs, etc) and
applies a MapReduce model for feature extraction. Once organized into clusters, the data is then used to
determine attack presence according to pre-defined rules.
Graph-based event correlation
While clustering determines attack presence through grouping common attack characteristics, it is limited in
establishing an accurate correlation which may exist between events. This makes it difficult to accurately
identify the sequences of events leading to the presence of an attack within the network, as well as the entry
point of the attack. Graph-based event correlation overcomes this limitation by representing the events from the
logs obtained as sequences in a graph. Given a collection of logs from different points within the network (e.g.,
firewall logs, web server logs, etc.), these events are correlated in a graph with the event features (e.g.,
timestamp, source and destination IP, etc.) represented as vertices and their correlations as edges. This enables
the accurate identification of the entry point which an attack enters, as well as the sequences of events which the
attack undertakes. Graphs-based event correlation is used in BotCloud, a botnet detection system for large
enterprise environments [14]. Based on the Netflow data which describe the various network traffic flows
between clients, the scheme represents the network flow between clients in the form of a dependency graph. The
graph is then input into a MapReduce model to identify network IP associations using PageRank algorithm.
Graphs-based event correlation is presented in the security framework designed to detect attacks within critical
infrastructures [15]. The scheme collects events from different sources within the network, and generates a
temporal graph model to derive different event correlations for threat detection.
IV. PROPOSED APPROACH
3.1 Overall Framework
The basic idea of our proposed approach is to detect in realtime any malware and rookit attacks via holistic
efficientuse of all possible information obtained from the virtualized infrastructure, e.g., various network and
user application logs. Our proposed approach is a big data problem for the following characteristics of the
network and user application logs collected from a virtualized infrastructure: _ Volume: Depending on the
number of guest VMs and the size of the network, the amount of the network and user application logs to be
collected can range from approximately 500 MB to 1 GB an hour; _ Velocity: The network and user application
logs are collected in real-time, in order to detect the presence of malware and rootkit attacks, accordingly the
collected data containing its behavior needs to be processed as soon as possible;
_ Veracity: Due to the “low and slow” approach that malware and rootkit take in hiding their presence within
the guest VMs, data analysis has to rely upon event correlation and advanced analytics. The design principles,
which are integral in the development of our BDSA approach to protecting virtualized infrastructures, can be
elaborated as follows.
_ Design Principle # 1 - Unsupervised classification: The attack detection system should be able to classify
potential attack presence based on the data collected from the virtualized infrastructure over time.
Design Principle # 2 - Holistic prediction: The attack detection system should be able to identify potential
attacks by correlating events on the data collected from multiple sources in the virtualized infrastructure.
_ Design Principle # 3 - Real-time: The attack detection system should be able to ascertain attack presence as
immediately as possible so as for the appropriate countermeasures to be taken immediately.
_ Design Principle # 4 - Efficiency: The attack detection system should be able to detect attack presence at a
high computational efficiency, i.e., with as little performance overhead as possible.
_ Design Principle # 5 - Deployability: The attack detection system should be readily deployable in production
environment with minimal change required to common production environments.
Figure 1 illustrates the overall conceptual framework of our proposed big data based security analytics (BDSA)
approach, with the different components highlighted in blue. Our BDSA approach consists of two main phases,
namely
_ Extraction of attack features through graph-based event correlation and MapReduce parser based identification
of potential attack paths, and Determination of attack presence via two-step machine learning, namely logistic
regression and belief propagation.
4. www.jst.org.in 45 | Page
Journal of Science and Technology
Fig. 1: Conceptual framework of the proposed big data based security analytics (BDSA) approach
Prior to the online detection of attacks, there is actually a system initialization, in which offline
training of the logistic regression classifiers is carried out, that is, the stored features are loaded from the
Cassandra database to train the logistic regression classifiers. Specifically, wellknown malicious as well as
benign port numbers are loaded to train a logistic regression classifier to determine if the incoming/outgoing
connections are indicative of an attack presence. Likewise, well-known malware and legitimate applications
together with their associated ports are loaded to train a logistic regression classifier to determine if the behavior
of an application running within the guest VM is indicative of an attack presence. These trained logistic
regression classifiers are ready for online use, upon the extraction of new attack features, to determine if the
potential attack paths are indicative of attack presence.
In the Extraction of Attack Features phase, first, it carries out Graph-Based Event Correlation. Periodically
collected from the guest VMs, network and user application logs are stored in the HDFS. By assembling the
information contained in these two logs, the Correlation Graph Assembler (CGA) forms correlation
graphs.Then, it carries out the Identification of Potential Attack Paths. A MapReduce model is used to parse the
correlation graphs and identify the potential attack paths i.e., the most frequently occurring graph paths in terms
of the guest VMs‟ IP addresses. This is based on the observation that a compromised guest VM tends to
generate more traffic flows as it tries to establish communication with an attacker. In the Determination of
Attack Presence phase, two-step machine learning is employed, namely logistic regression and belief
propagation are used. While the former is used to calculate attack‟s conditional probabilities with respect to
individual attributes, the latter is used to calculate the belief of an attack presence given these conditional
attributes. From the potential attack paths, the monitored features are sorted out and passed into their logistic
regression classifiers to calculate attack‟s conditional probabilities with respect to individual attributes. The
conditional probabilities with respect to individual attributes are passed into belief propagation to calculate the
belief of attack presence. Once attack presence is ascertained, the administrator is alarmed of the attack.
Furthermore, the Cassandra database is updated with the newly-identified attack features versus the class
ascertained (i.e., attack or benign), which are then used to retrain the logistic regression classifiers.
V. CONCLUSION
In this paper, we have put forward a novel big data based security analytics (BDSA) approach to
protecting virtualized infrastructures in cloud computing against advanced attacks. Our BDSA approach
constitutes a three phase framework for detecting advanced attacks in real-time. First, the guest VMs‟s network
logs as well as user application logs are periodically collected from the guest VMs and stored in the HDFS.
Then, attack features are extracted through correlation graph and MapReduce parser. Finally, two-step machine
learning is utilized to ascertain attack presence. Logistic regression is applied to calculate attack‟s conditional
probabilities with respect to individual attributes. Furthermore, belief propagation is applied to calculate the
overall belief of an attack presence. From the second phase to the third, the extraction of attack features is
further strengthened towards the determination of attack presence by the two-step machine learning. The use of
logistic regression enables the fast calculation of attack‟s conditional probabilities. More importantly, logistic
regression also enables the retraining of the individual logistic regression classifiers using the new attack
features TABLE 6: Comparison of security approaches
5. www.jst.org.in 46 | Page
Journal of Science and Technology
REFERENCES
[1] D. Fisher, “‟venom‟ flaw in virtualization software could lead to vm escapes, data theft,”
https://threatpost.com/venomflaw- in-virtualization-software-could-lead-to-vm-escapes-datatheft/ 112772/,
2015, accessed: 2015-05-20.
[2] Z. Durumeric, J. Kasten, D. Adrian, J. A. Halderman, M. Bailey, F. Li, N.Weaver, J. Amann, J. Beekman,
M. Payer et al., “The matter of heartbleed,” in Proceedings of the 2014 Conference on Internet Measurement
Conference. Vancouver, BC, Canada: ACM, 2014, pp. 475–488.
[3] K. Cabaj, K. Grochowski, and P. Gawkowski, “Practical problems of internet threats analyses,” in Theory
and Engineering of Complex Systems and Dependability. Springer, 2015, pp. 87–96.
[4] J. Oberheide, E. Cooke, and F. Jahanian, “Cloudav: N-version antivirus in the network cloud.” in USENIX
Security Symposium, San Jose, California, USA, 2008, pp. 91–106.
[5] X. Wang, Y. Yang, and Y. Zeng, “Accurate mobile malware detection and classification in the cloud,”
SpringerPlus, vol. 4, no. 1, pp. 1–23, 2015.
[6] P. K. Chouhan, M. Hagan, G. McWilliams, and S. Sezer, “Network based malware detection within
virtualised environments,” in Euro-Par 2014: Parallel Processing Workshops. Porto, Portugal: Springer, 2014,
pp. 335–346.
[7] M. Watson, A. Marnerides, A. Mauthe, D. Hutchison et al., “Malware detection in cloud computing
infrastructures,” IEEE Transactions on Dependable and Secure Computing, pp. 192 –205, 2015.
[8] A. Fattori, A. Lanzi, D. Balzarotti, and E. Kirda, “Hypervisorbased malware protection with accessminer,”
Computers & Security, vol. 52, pp. 33–50, 2015.
[9] T. Mahmood and U. Afzal, “Security analytics: big data analytics for cybersecurity: a review of trends,
techniques and tools,” in Information assurance (ncia), 2013 2nd national conference on. Rawalpindi, Pakistan:
IEEE, 2013, pp. 129–134.
[10] C.-T. Lu, A. P. Boedihardjo, and P. Manalwar, “Exploiting efficient data mining techniques to enhance
intrusion detection systems,” in Information Reuse and Integration, Conf, 2005. IRI-2005 IEEE International
Conference on. Las Vegas, Nevada, USA: IEEE, 2005, pp. 512–517.
[11] I. Kiss, B. Genge, P. Haller, and G. Sebestyen, “Data clusteringbased anomaly detection in industrial
control systems,” in Intelligent Computer Communication and Processing (ICCP), 2014 IEEE International
Conference on. Cluj-Napoca, Romania: IEEE, 2014, pp. 275–281.
[12] P. Giura and W. Wang, “Using large scale distributed computing to unveil advanced persistent threats,”
Science J, vol. 1, no. 3, pp. 93–105, 2012.