MIST Effective Masquerade Attack Detection in the CloudKumar Goud
Abstract: Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider. We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user’s real data. Experiments conducted in a local file setting provide evidence that this approach may provide unprecedented levels of user data security in a Cloud environment.
Keywords: Mist, Insider data stealing, Bait information, Lure Files, Validating user
Design and implement a new cloud security method based on multi clouds on ope...csandit
Deployment of using cloud services as a new approach to keep people's platforms,
Infrastructure and applications has become an important issue in the world of communications
technology. This is a very useful paradigm for humans to obtain their essential needs simpler,
faster ,more flexible, and safer than before. But there are many concerns about this system
challenge. Security is the most important challenge for cloud systems. In this paper we design
and explain the procedure of implementation of a new method for cloud services based on multi
clouds on our platform which supplies security and privacy more than other clouds. We
introduce some confidentiality and security methods in each layer to have a secure access to
requirements. The architecture of our method and the implementation of method on our selected
platform for each layer are introduced in this paper.
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. The occupier need not be concerned with how the Paas system achieves expansion under high load.MAC systems differ as security policy is defined for the entire system, typically by administrators. Information flow control (IFC) is a MAC approach, developed originally from military information management methodologies. IFC can be used to enforce more general policies, using appropriate labeling and checking schemes. The labels can be used to manage both confidentiality and integrity concerns, tracking “secrecy†and “quality†of data, respectively. Decentralized Information Flow Control (DIFC) is an approach to security that allows application writers to control how data flow between the pieces of application and the outside world. As applied to privacy DIFC allows un trusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity DIFC allows trusted code to protect un trusted software from unexpected inputs.
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
Abstract: Cloud computing promises to significantly change the way we use computers and access and store our personal and business information. With these new computing and communications paradigms arise new data security challenges. Existing data protection mechanisms such as encryption have failed in preventing data theft attacks, especially those perpetrated by an insider to the cloud provider. We propose a different approach for securing data in the cloud using offensive decoy technology. We monitor data access in the cloud and detect abnormal data access patterns. When unauthorized access is suspected and then verified using challenge questions, we launch a disinformation attack by returning large amounts of decoy information to the attacker. This protects against the misuse of the user’s real data. Experiments conducted in a local file setting provide evidence that this approach may provide unprecedented levels of user data security in a Cloud environment.
Keywords: Mist, Insider data stealing, Bait information, Lure Files, Validating user
Design and implement a new cloud security method based on multi clouds on ope...csandit
Deployment of using cloud services as a new approach to keep people's platforms,
Infrastructure and applications has become an important issue in the world of communications
technology. This is a very useful paradigm for humans to obtain their essential needs simpler,
faster ,more flexible, and safer than before. But there are many concerns about this system
challenge. Security is the most important challenge for cloud systems. In this paper we design
and explain the procedure of implementation of a new method for cloud services based on multi
clouds on our platform which supplies security and privacy more than other clouds. We
introduce some confidentiality and security methods in each layer to have a secure access to
requirements. The architecture of our method and the implementation of method on our selected
platform for each layer are introduced in this paper.
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. The occupier need not be concerned with how the Paas system achieves expansion under high load.MAC systems differ as security policy is defined for the entire system, typically by administrators. Information flow control (IFC) is a MAC approach, developed originally from military information management methodologies. IFC can be used to enforce more general policies, using appropriate labeling and checking schemes. The labels can be used to manage both confidentiality and integrity concerns, tracking “secrecy†and “quality†of data, respectively. Decentralized Information Flow Control (DIFC) is an approach to security that allows application writers to control how data flow between the pieces of application and the outside world. As applied to privacy DIFC allows un trusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity DIFC allows trusted code to protect un trusted software from unexpected inputs.
A systematic mapping study of security, trust and privacy in cloudsjournalBEEI
Cloud computing thrives around trust and security in the relationship between cloud providers and users of their services. The objective was the conduct of a systematic mapping study of cloud computing security, trust and privacy. The research was executed using three classes of facets, namely topic, contribution, and research based on the systematic mapping process. The result shows that privacy issues and challenges on metric had 4.76% of the publications. On cloud trust in the domain of tool, the publications were 8.75%. The publications on design within the domain of model stood at 12.38%, and publications on privacy issues and challenges in the area of process were 8.57%. Furthermore, there were more articles published on privacy issues and challenges within the domain of evaluation research with 10.43%. The publications on design based on validation research made up 7.83% of the study. More papers were also published on frameworks and techniques within the domain of solution research with 5.22% each. There were more articles published on privacy issues and challenges with regards to philosophical research with 4.35%. Shortcomings in the fields of security, trust and privacy in the cloud, were identified through this study, which should motivate further research.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
Data loss prevention by using MRSH-v2 algorithm IJECEIAES
Sensitive data may be stored in different forms. Not only legal owners but also malicious people are interesting of getting sensitive data. Exposing valuable data to others leads to severe Consequences. Customers, organizations, and /or companies lose their money and reputation due to data breaches. There are many reasons for data leakages. Internal threats such as human mistakes and external threats such as DDoS attacks are two main reasons for data loss. In general, data may be categorized based into three kinds: data in use, data at rest, and data in motion. Data Loss Prevention (DLP) are good tools to identify important data. DLP can do analysis for data content and send feedback to administrators to make decision such as filtering, deleting, or encryption. Data Loss Prevention (DLP) tools are not a final solution for data breaches, but they consider good security tools to eliminate malicious activities and protect sensitive information. There are many kinds of DLP techniques, and approximation matching is one of them. Mrsh-v2 is one type of approximation matching. It is implemented and evaluated by using TS dataset and confusion matrix. Finally, Mrsh-v2 has high score of true positive and sensitivity, and it has low score of false negative.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Appraisal of the Most Prominent Attacks due to Vulnerabilities in Cloud Compu...Salam Shah
Cloud computing has attracted users due to high speed and bandwidth of the internet. The e-commerce systems are best utilizing the cloud computing. The cloud can be accessed by a password and username and is completely dependent upon the internet. The threats to confidentiality, integrity, authentication and other vulnerabilities that are associated with the internet are also associated with cloud. The internet and cloud can be secured from threats by ensuring proper security and authorization. The channel between user and cloud server must be secured with a proper authorization mechanism. The research has been carried out and different models have been proposed by the authors to ensure the security of clouds. In this paper, we have critically analyzed the already published literature on the security and authorization of the internet and cloud.
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
Deployment of using cloud services as a new approach to keep people's platforms, Infrastructure and applications has become an important issue in the world of communications technology. This is a very useful paradigm for humans to obtain their essential needs simpler, faster ,more flexible, and safer than before. But there are many concerns about this system challenge. Security is the most important challenge for cloud systems. In this paper we design and explain the procedure of implementation of a new method for cloud services based on multi clouds on our platform which supplies security and privacy more than other clouds. We introduce some confidentiality and security methods in each layer to have a secure access to requirements. The architecture of our method and the implementation of method on our selected platform for each layer are introduced in this paper.
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined
A systematic mapping study of security, trust and privacy in cloudsjournalBEEI
Cloud computing thrives around trust and security in the relationship between cloud providers and users of their services. The objective was the conduct of a systematic mapping study of cloud computing security, trust and privacy. The research was executed using three classes of facets, namely topic, contribution, and research based on the systematic mapping process. The result shows that privacy issues and challenges on metric had 4.76% of the publications. On cloud trust in the domain of tool, the publications were 8.75%. The publications on design within the domain of model stood at 12.38%, and publications on privacy issues and challenges in the area of process were 8.57%. Furthermore, there were more articles published on privacy issues and challenges within the domain of evaluation research with 10.43%. The publications on design based on validation research made up 7.83% of the study. More papers were also published on frameworks and techniques within the domain of solution research with 5.22% each. There were more articles published on privacy issues and challenges with regards to philosophical research with 4.35%. Shortcomings in the fields of security, trust and privacy in the cloud, were identified through this study, which should motivate further research.
A survey on cloud security issues and techniquesijcsa
Today, cloud computing is an emerging way of computing in computer science. Cloud computing is a set of
resources and services that are offered by the network or internet. Cloud computing extends various
computing techniques like grid computing, distributed computing. Today cloud computing is used in both
industrial field and academic field. Cloud facilitates its users by providing virtual resources via internet. As
the field of cloud computing is spreading the new techniques are developing. This increase in cloud
computing environment also increases security challenges for cloud developers. Users of cloud save their
data in the cloud hence the lack of security in cloud can lose the user’s trust.
In this paper we will discuss some of the cloud security issues in various aspects like multi-tenancy,
elasticity, availability etc. the paper also discuss existing security techniques and approaches for a secure
cloud. This paper will enable researchers and professionals to know about different security threats and
models and tools proposed.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Trust based Mechanism for Secure Cloud Computing Environment: A Surveyinventionjournals
Ubiquitous computing has revolutionized interaction of humans and machines. Cloud computing has been mainly used for storing data and various computational purposes. It has changed the face of using the internet. But, as we know every technology has its pros and cons. Securing cloud environment is the most challenging issue for the researchers and developers. Main aspects which cloud security should cover are authentication, authorization, data protection etc. Establishing trust between cloud service providers (CSP) is the biggest challenge, when someone is discussing about cloud security. Trust is a critical factor which mainly depends on perception of reputation and self-assessment done by both user and CSP. The trust model can act as security strength evaluator and ranking service for cloud application and services. For establishing trust relationship between two parties, mutual trust mechanism is reliable, as it does verification from both sides. There are various trust models which mainly focuses on securing one party i.e., they validate either user or service node. In this survey paper, the study of various trust models and their various parameters are discussed.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
Data loss prevention by using MRSH-v2 algorithm IJECEIAES
Sensitive data may be stored in different forms. Not only legal owners but also malicious people are interesting of getting sensitive data. Exposing valuable data to others leads to severe Consequences. Customers, organizations, and /or companies lose their money and reputation due to data breaches. There are many reasons for data leakages. Internal threats such as human mistakes and external threats such as DDoS attacks are two main reasons for data loss. In general, data may be categorized based into three kinds: data in use, data at rest, and data in motion. Data Loss Prevention (DLP) are good tools to identify important data. DLP can do analysis for data content and send feedback to administrators to make decision such as filtering, deleting, or encryption. Data Loss Prevention (DLP) tools are not a final solution for data breaches, but they consider good security tools to eliminate malicious activities and protect sensitive information. There are many kinds of DLP techniques, and approximation matching is one of them. Mrsh-v2 is one type of approximation matching. It is implemented and evaluated by using TS dataset and confusion matrix. Finally, Mrsh-v2 has high score of true positive and sensitivity, and it has low score of false negative.
Abstract: Cloud computing model are obtaining ubiquitous authorization due to the heterogeneous convenience they provide. Although, the
security & privacy problems are the main considerable encumbrance holding back the universal adoption of this new emerging technology.
Various researches are concentrated on enhancing the security on Software as well as Hardware levels on the cloud. But these interpretations do
not mainly furnish the complete security way and therefore the data security compute (measure) are still kept under the access control of service
provider. Trusted Computing is another research concept. In actuality, these furnish a set of tools controlled by the third party technologies to
secure the Virtual Machines from the cloud computing providers. These approaches provides the tools to its consumers to assess and monitor the
aspects of security their data, they don’t allocate the cloud consumers with high control capability. While as the new emerging DCS approach
aims to provide the security of data owners of their data. But the DCS approach concept is elucidate in many ways and there is not a
standardized framework of cloud computing environment model for applying this approach.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Appraisal of the Most Prominent Attacks due to Vulnerabilities in Cloud Compu...Salam Shah
Cloud computing has attracted users due to high speed and bandwidth of the internet. The e-commerce systems are best utilizing the cloud computing. The cloud can be accessed by a password and username and is completely dependent upon the internet. The threats to confidentiality, integrity, authentication and other vulnerabilities that are associated with the internet are also associated with cloud. The internet and cloud can be secured from threats by ensuring proper security and authorization. The channel between user and cloud server must be secured with a proper authorization mechanism. The research has been carried out and different models have been proposed by the authors to ensure the security of clouds. In this paper, we have critically analyzed the already published literature on the security and authorization of the internet and cloud.
DESIGN AND IMPLEMENT A NEW CLOUD SECURITY METHOD BASED ON MULTI CLOUDS ON OPE...cscpconf
Deployment of using cloud services as a new approach to keep people's platforms, Infrastructure and applications has become an important issue in the world of communications technology. This is a very useful paradigm for humans to obtain their essential needs simpler, faster ,more flexible, and safer than before. But there are many concerns about this system challenge. Security is the most important challenge for cloud systems. In this paper we design and explain the procedure of implementation of a new method for cloud services based on multi clouds on our platform which supplies security and privacy more than other clouds. We introduce some confidentiality and security methods in each layer to have a secure access to requirements. The architecture of our method and the implementation of method on our selected platform for each layer are introduced in this paper.
Methodologies for Resolving Data Security and Privacy Protection Issues in Cl...AJASTJournal
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined
Because of its accessibility and flexibility, cloud technology is among the most notable innovations in today's world. Having many service platforms, such as GoogleApps by Google, Amazon, Apple, and so on, is well accepted by large enterprises. Distributed cloud computing is a concept for enabling every-time, convenient, on-demand network access to processing resources including servers, storage devices, networks, and services that may be mutually configured. The major security risks for cloud computing as identified by the Cloud security alliance (CSA) have been examined in this study. Also, methods for resolving issues with cloud computing technology's data security and privacy protection were systematically examined.
AbstractCloud computing technology has become the new fron.docxSALU18
Abstract
Cloud computing technology has become the new frontier in the computing world. The technology has massively impacted individuals and business across the world. However, the technology is faced with certain challenges. This paper provides an in-depth analysis of the security challenges associated with cloud computing, including the respective threats and vulnerabilities. Additionally, the paper addresses the benefits, solutions, and recommendations of cloud computing technology.
Cloud Computing SecurityIntroduction
Over the last half of the century, the Information and Technology field has greatly evolved. Technology is very important to the different sectors of current society. Information, communication and technology (ICT) devices are dependent on one another and when one is disrupted, the rest may also be affected. In previous years, ICT experts have expressed their concern over the protection of ICT systems and cyber-attacks which have prompted them to consider the establishment of policies for the prevention of serious cybercrimes. They expect that in the years to come, these threats to ICT systems will increase significantly and affect several organizations. Cyber security is defined as the act of providing protection to ICT systems and what is contained in them. The term is broad and ambiguous; it tends to contradict the basic nature or scope of its meaning. In some occasions, it is integrated with other concepts such as privacy, the sharing of data and information, accumulation of intelligence and surveillance. Nevertheless, cyber security can be a very vital tool in the protection of privacy and the prevention of unauthorized access and sharing of information. For instance, cyber security facilitates a secured sharing of information amongst different systems within an organization. The focus of this paper is on the theme of vulnerability analysis. It will examine recent Insecurity controls among organizations and in the ICT sector.
Cloud computing technology has sparked a lot of debate in recent years. Proponents have expressed optimism with the technology, proclaiming it as the next frontier of the internet. However, critics believe the technology is short-lived because it is founded on old technologies. Cloud computing is an information technology phenomenon where computer services are provided over the internet. Additionally, cloud computing provides a number of IT solutions for businesses and therefore, significantly improves the quality of services. Cloud computing technology can be deployed in four main models: public, private, hybrid and community models. Conversely, the technology is recognized in different models that include Software as a service (SaaS), platform as a service (PaaS) and Infrastructure as a service (IaaS). SaaS, in particular, is a cloud computing model where applications are hosted remotely by a provider and accessed via the internet on a subscription basis. This paper will identify the sec.
Security and Privacy Solutions in Cloud Computing at Openstack to Sustain Use...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
In this study, survey questions were sent to different non-profit and government organizations, which
assisted in collecting fundamental information. The data was acquired by conducting surveys in OpenStack
Company to identify the critical vulnerabilities in the cloud computing platform in order to provide the
recommended solutions.
So, analysis will be made on how the cloud’s characteristics such as the nature of the architecture,
attractiveness, as well as, vulnerability are tightly related to privacy and security issues. Privacy and
security are complex issues for which there is no standard and the relationship between them is necessarily
complicated. The study also highlight on the inherent challenge to data privacy because it typically results
in data to be presented in an encryption from the data owner. Thus, the study aimed at obtaining a common
goal to provide a comprehensive review of the existing security and privacy issues in cloud environments,
and identify and describe the most representative of the security and privacy attributes and present a
relationship among them.
Finally, in order to ensure that the standard measure of validity is achieved, validity test was conducted in
order to ensure that the study is free from errors. Various recommendations were provided. The study also
explored various areas that require future directions for each attribute, which comprise of multi-domain
policy integration and a secure service composition to design a comprehensive policy-based management
framework in the cloud environments.
Lastly, the recommendations will provide the potential for security and privacy approaches that can be
implemented to improve the cloud computing environment to ensure that a level of trust is achieved
SECURITY AND PRIVACY SOLUTIONS IN CLOUD COMPUTING AT OPENSTACK TO SUSTAIN USE...Zac Darcy
Cloud computing is an emerging model of service provision that has the advantage of minimizing costs
through sharing and storage of resources combined with a demand provisioning mechanism relying on
pay-per-use business model. Cloud computing features direct impact on information technology (IT)
budgeting but pose detrimental impacts on privacy and security mechanisms especially where sensitive
data is to be held offshore by third parties. Even though cloud computing environment promises new
benefits to organizations, it also presents its fair share of potential risks. It is considered as a double edge
sword considering the privacy and security standpoints. However, despite its potential to offer a low cost
security, customer organizations may increase the risks by storing their sensitive information in the cloud.
Therefore, this study focuses on privacy and security issues that pose a challenge in maintaining a level of
assurance that is sufficient enough to sustain confidence in potential users.
Public Key Encryption algorithms Enabling Efficiency Using SaaS in Cloud Comp...Editor IJMTER
The Most great challenging in Cloud computing is Security. Here Security plays key role
in this paper proposed concept mainly deals with security at the end user access. While coming to the
end user access that are connected through the public networks. Here the end user wants to access his
application or services protected by the unauthorized persons. In this area if we want to apply
encryption or decryption methods such as RSA, 3DES, MD5, Blow fish. Etc.,
Whereas we can utilize these services at the end user access in cloud computing. Here there is
problem of encryption and decryption of the messages, services and applications. They are is lot of
time to take encrypt as well as decrypt and more number of processing capabilities are needed to use
the mechanism. For that problem we are introducing to use of cloud computing in SaaS model. i.e.,
scalable is applicable in this area so whenever it requires we can utilize the SaaS model.
In Cloud computing use of computing resources (hardware and software) that are delivered as a
service over Internet network. In advance earlier there is problem of using key size in various
algorithm like 64 bit it take some long period to encrypt the data.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
An efficient and secure data storage in cloud computing using modified RSA pu...IJECEIAES
Cloud Computing is the ability to improve the utility or train new human resources without investing in new infrastructure, or add capabilities to existence without the latest software licensing. It expanded the capabilities of Information Technology (IT). From the past few years, cloud computing has developed from a good business concept in the best rising sectors of the IT industry. But more information on individuals and companies was put in the cloud, and concerns began to think about how secure the cloud environment was. Despite cloud surrounding structures, enterprise users still do not want to expand their business in the cloud. Security reduces the growth of cloud computing and continues to spread the market with complexity with data privacy and data protection. The security of cloud computing has constantly been an significant aspect of improved quality of service from cloud service providers. Data storage in the cloud has a problem related to data security. However, cloud computing construct many new security challenges which have not been well examine. In order to ensure that the user's data in the cloud is secure, we have proposed an effective mechanism with a distinctive feature of data integrity and privacy. This paper focusing on problems relating to the cloud data storage techniques and security in virtual environment. We recommend a method for providing data storage and security in cloud using public key Cryptosystem, which uses the concept of the modified RSA algorithm to provide better security for the data stored in the cloud.
Cloud computing is set of resources and services offered through the Internet. Cloud
services are delivered from data centers located throughout the world. Cloud computing
facilitates its consumers by providing virtual resources via internet. The biggest challenge in
cloud computing is the security and privacy problems caused by its multi-tenancy nature and the
outsourcing of infrastructure, sensitive data and critical applications. Enterprises are rapidly adopting
cloud services for their businesses, measures need to be developed so that organizations can be assured
of security in their businesses and can choose a suitable vendor for their computing needs. Cloud
computing depends on the internet as a medium for users to access the required services at any time on
pay-per-use pattern. However this technology is still in its initial stages of development, as it suffers
from threats and vulnerabilities that prevent the users from trusting it. Various malicious activities
from illegal users have threatened this technology such as data misuse, inflexible access control and
limited monitoring. The occurrence of these threats may result into damaging or illegal access of
critical and confidential data of users. In this paper we identify the most vulnerable security
threats/attacks in cloud computing, which will enable both end users and vendors to know a bout
the k ey security threats associated with cloud computing and propose relevant solution directives to
strengthen security in the Cloud environment. We also propose secure cloud architecture for
organizations to strengthen the security.
Study on Fog Computing and Data Concurrency in IoT. Includes an analysis of different data concurrency techniques, their principle and some recent developments in the area. Also covers the topic of Fog Computing and its development and application in IoT.
Texture based feature extraction and object trackingPriyanka Goswami
The project involved developing and implementing different texture analysis based extraction techniques like Local Binary Pattern (LBP), Local Derivative Pattern (LDP) and Local Ternary Pattern (LTP) in MATLAB and carrying out a comparative study by analyzing the effectiveness of each technique using a standard set of images (Yale data set). The most optimum technique is then applied to identify cloud patterns and track their motion (in pixel position changes) in time series images (acquired from weather satellites like GOES) using the Chi-Square Difference method.
The project involved studying some of the popular filters and prediction algorithms used for stock market analysis. Based on that Moving Average Filter, Adaptive Kalman Filter, Multiple Linear Regression Filter, Bollinger Bands, and Chaikin Oscillator were developed and implemented in MATLAB. For carrying out the analysis, daily stock market data of 10 popular companies, over a period of 1 year was used. The overall project developed can be used as a complete package to carry out accurate and efficient stock market analysis and trend study.
The paper includes a study of the most recent prefetching techniques developed for modern day processors, classifying them based on different criteria and performing a qualitative and quantitative evaluation of their performance. It also includes evaluation of the performance of compiler based data prefetching scheme using the built-in prefetcher of gcc compiler.
Data Acquisition System
Topics:Need of Data Acquisition System, DAQ Module, Sensors, Signal conditioning, DAQ hardware, DAQ software, DAQ processors, Advantages & Disadvantages.
Biomedical Image Processing
Topics covered: Biomedical imaging, Need of image processing in medicine, Principles of image processing, Components of image processing, Application of image processing in different medical imaging systems
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Online aptitude test management system project report.pdfKamal Acharya
The purpose of on-line aptitude test system is to take online test in an efficient manner and no time wasting for checking the paper. The main objective of on-line aptitude test system is to efficiently evaluate the candidate thoroughly through a fully automated system that not only saves lot of time but also gives fast results. For students they give papers according to their convenience and time and there is no need of using extra thing like paper, pen etc. This can be used in educational institutions as well as in corporate world. Can be used anywhere any time as it is a web based application (user Location doesn’t matter). No restriction that examiner has to be present when the candidate takes the test.
Every time when lecturers/professors need to conduct examinations they have to sit down think about the questions and then create a whole new set of questions for each and every exam. In some cases the professor may want to give an open book online exam that is the student can take the exam any time anywhere, but the student might have to answer the questions in a limited time period. The professor may want to change the sequence of questions for every student. The problem that a student has is whenever a date for the exam is declared the student has to take it and there is no way he can take it at some other time. This project will create an interface for the examiner to create and store questions in a repository. It will also create an interface for the student to take examinations at his convenience and the questions and/or exams may be timed. Thereby creating an application which can be used by examiners and examinee’s simultaneously.
Examination System is very useful for Teachers/Professors. As in the teaching profession, you are responsible for writing question papers. In the conventional method, you write the question paper on paper, keep question papers separate from answers and all this information you have to keep in a locker to avoid unauthorized access. Using the Examination System you can create a question paper and everything will be written to a single exam file in encrypted format. You can set the General and Administrator password to avoid unauthorized access to your question paper. Every time you start the examination, the program shuffles all the questions and selects them randomly from the database, which reduces the chances of memorizing the questions.
Water billing management system project report.pdfKamal Acharya
Our project entitled “Water Billing Management System” aims is to generate Water bill with all the charges and penalty. Manual system that is employed is extremely laborious and quite inadequate. It only makes the process more difficult and hard.
The aim of our project is to develop a system that is meant to partially computerize the work performed in the Water Board like generating monthly Water bill, record of consuming unit of water, store record of the customer and previous unpaid record.
We used HTML/PHP as front end and MYSQL as back end for developing our project. HTML is primarily a visual design environment. We can create a android application by designing the form and that make up the user interface. Adding android application code to the form and the objects such as buttons and text boxes on them and adding any required support code in additional modular.
MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software. It is a stable ,reliable and the powerful solution with the advanced features and advantages which are as follows: Data Security.MySQL is free open source database that facilitates the effective management of the databases by connecting them to the software.
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
Tutorial for 16S rRNA Gene Analysis with QIIME2.pdf
Project 3
1. Study and Analysis of SecurityTechniques for Cloud
Computing
Priyanka Goswami
Electrical and Computer Engineering
The University of Arizona
Tucson, USA
priyankag@email.arizona.edu
Ganesh Raikhelkar
Electrical and Computer Engineering
The University of Arizona
Tucson, USA
ganeshraikhelkar@email.arizona.edu
Abstract— Although Cloud Computing started developing in
the early 1970s, even today it is evolving and developing. With
more people and organizations using the cloud and its services
(SaaS, PaaS and IaaS) for everyday computation needs like data
storage, analysis and management, application development,
working on different platforms and operating systems and
accessing an shared pool of resources, Cloud has become
vulnerable to malicious attacks targeting user information, data
theft, denial of service, data corruption and privacy and
confidentiality issues. This is also due to the reason that there is
lack of standardization in cloud and service providers often do
not provide complete security solutions to the users, thus leaving
them vulnerable to attack. The paper aims to address all the
above issues. Also two possible solutions that address security in
cloud network have been reviewed and compared, with possible
modifications that can be made to make the proposed methods
more immune to possible threats.
Keywords—cloud; security;honeypots;service;network
I. INTRODUCTION
The concept of Cloud Computing, was first explored
in the 1970s, when the cloud symbol was used to
represent an aggregation of computing equipments, in
the ARPANET and then by the CSNET. Over the years,
cloud has evolved by adopting and modifying the
existing technology of Internet and has emerged as a
platform that provides its users services like storage,
data analytics, softwares and various services at optimal
cost. A standard definition for cloud computing was
given by National Institute of Standards and Technology
(NIST) in 2011, as “an model for enabling ubiquitous/
omnipresent convenient, on-demand network access to a
shared pool of configurable computing resources that
can be rapidly provisioned and released with minimal
management effort or service provider interaction [1].
Some of the essential characteristics of cloud, as listed
by NIST, are on-demand self service, wide,
geographically and device independent standard network
access, resource pooling, rapid elasticity to adapt to
changes and metering of resources by the consumer and
the service provider, like pay-per-use. The main services
that are provided by the cloud can be briefly categorized
as follows [1]:
Software as a Service – Also called SaaS, it basically
allows multiple users to access applications,
simultaneously on their devices like laptops or smart
phones, through a network like the Internet, on
different platform like a web browser or user
interface.
Platform as a Service – Also called PaaS, this allows
user to use libraries, tools, languages and softwares
made available by the providers for creating
applications on the cloud.
Infrastructure as a Service – Also called IaaS, this
allows user to store their data on virtual storage space
(the cloud) and access it anywhere and on any device
via the network. Besides storage, users can also
access different operating systems, deploy and run
softwares on different platforms, etc.
With the incorporation of cloud with the Internet of
Things (IoT), many other services like DBaaS
(Database as a Service), SaaS (Sensor as a Service or
Sensor Cloud). SAaaS (Sensing and Actuation as a
Service) and IPMaaS (Identity and Policy
Management as a Service)
With increase in smart phones and wearable
technology and more people getting connected to the
Internet, the no. of service provided by the cloud will
keep increasing and becoming more diverse. According
to the Cisco Global Cloud Index [2], it is predicted by
2020, 90% of all data will be processed in cloud centers,
with the global cloud IP traffic reaching 14.1 ZB and
major part of this traffic (74%), will be targeted for
Software-as-a-Service (SaaS). Additionally, Public cloud
and Community cloud will have an increase in the no. of
user compared to Private cloud.
But with the growth of cloud and an increase in users
with all the services being connected and accessible via
2. network like Internet, Cloud faces many security issues
that maybe similar to the security threats faced by
computers or smart devices connected to the net or
specific to some services provided by cloud like stealing
of confidential data stored on cloud, or denial of service,
that affects not only the Quality of Service but also has
monetary affects, and so in the recent years researchers
and security providers have focused on the different
security issues that affect cloud and possible solutions to
prevent them, which is the focus of this paper. In the
following sections, we will summarize some of the main
security threats that affect cloud and review and compare
possible solutions that can prevent attacks on the cloud.
II. SECURITY ISSUES IN CLOUD COMPUTING
Compared to the traditional Internet based application
and services, Cloud faces higher security threats and is
more prone to attack because first it is still in its initial
developing stage with, no standardization and second
features of cloud like virtualization, location
independence and multiple users with no authentication
makes cloud vulnerable to deception. Security risks like
data loss, denial of service, lack of privacy and assurance
of data integrity is prevalent in the cloud environment
because every cloud service provider will have a
different type of security system, and there is a chance it
may not cover all the aspects. Attackers can use this
weak spot and launch an automated attack on the, using
devices like botnets. This is especially possible if the
cloud is used for static data storage [3].
A major challenge faced by cloud is the threat posed
by “bad repositories” or “Bar”, where services like IaaS
and PaaS are used by attackers, to develop malicious
applications that can compromise the security, data and
privacy of other users [4]. The main reason, for this, as
stated in [4] is the refusal of service providers to scan
user repositories without consent due to privacy policy
and ethical reasons, which causes the attackers to
develop malicious application and softwares undetected,
the lack of transparency to outside security providing
services and observers and different hosting strategies
and security services provided by different cloud service
providers (lack off standard framework). Even if hosts
were able to scan repositories, it is extremely difficult to
detect malicious activities if it is random and
unconnected
Another issue faced on the cloud is ensuring the
privacy of user data, or preventing data theft. With
massive amount of data getting generated every day (big
data), most of it is being stored on the cloud. Some of
the causes of data theft and loss of data integrity,
highlighted in [5] are first users can operate on the data
only remotely but the data may be spread over different
clouds belonging to un-trusted third party organizations
thus compromising data privacy and integrity, second
cloud is a dynamic environment with new data and
services continuously getting stored and old data being
moved around, thus exposing sensitive data to attackers
and third hosts allow services and applications to be run
on the platform, without scanning them. Another issue
with data storage on cloud is breach of confidentiality
and privacy. This can be in the form of some malicious
attack aiming to compromise data integrity and steal
information, or from government agencies
Also most of the current security techniques, which
have been designed keeping the traditional network
framework in mind work on the "fault tolerance
mechanism" [6]. They try to stop an attack, after it has
happened and been detected, i.e. they respond to an
attack. But sometimes there is no attack. An intruder
may simply observe the traffic, keeping track of which
service the user is requesting or type of data the user is
storing in the cloud. With many organizations using
cloud for their everyday transactions and storage, this
information can be critical and is a breach of user
privacy and confidentiality. There are certain techniques
like implementing firewalls and obfuscation based
systems, but they consume resources and also increase
system latency. This cannot be tolerated for resource
intensive applications like using cloud for IoT systems
like smart vehicles and medicine (wearable heart
monitor), where both confidentiality and latency play
critical roles.
Another issue, which is especially relevant to
applications and services being provided on the public
cloud, is authorization and user authentication. In cloud
most SaaS applications require users to authenticate
using user name and password. In the present scenario,
with numerous developers and companies developing
and providing different applications on the cloud, and at
an extremely fast pace, the authentication job is sourced
out to different third party cloud services like Auth0 and
Amazon EC2 [7]. The problem with this scenario is that
if, for example, Amazon EC2 is attacked the user ID and
authentication of a large no. of users are compromised,
irrespective of which application they are using. Also
most developers do not have an in-depth knowledge
about cryptography techniques and network security,
and may create applications that are vulnerable to attack.
3. In this paper we will be focusing on techniques that
address the security issues faced by the network that
connects the user to the cloud (cloud network) and is
used to provide services like SaaS and IaaS. In the
following sections, we will review two possible
solutions, to counter security threats affecting the cloud
network, underlying assumptions, results and the overall
effectiveness of the techniques to handle security threats.
Figure 2. Deployment of decoys, in response to attackers using the active deception model [3] [Source: A. Brzeczko, A.
Uluagac, R. Beyah, J. Copeland, “Active Deception Model for Securing Cloud Infrastructure”, INFOCOM WKSHPS, May
2014]
III. POSSIBLE SOLUTIONS FOR CLOUD SECURITY
There are many varied security measures that are
currently employed by different cloud service providers.
But these techniques are based on the traditional network
structure and do not give the best possible protection
against attackers. Hence there have been many new
methods proposed in the recent years, that are designed
considering the needs and structure of cloud and cloud
based services. In this section we review two such
techniques.
A. Solution 1 – Active Deception Model
The first solution is an active deception model
developed using the underlying principle of honeypots,
by A. Brzeczko, A. Uluagac, R. Beyah, J. Copeland
as described in [3] and is used to counter automated
attacks that target the cloud SaaS which can cause issues
like denial of service and latency. Honeypots/honeynets
have no production value and don't provide any services.
Hence legitimate users will not interact with them, but
intruders will attack every host, without considering if
they provide actual service and in an attack, honeypots
will see sudden increase in traffic, alert the system about
it and since it has no value, the attackers will be allowed
to attack so that more information can be gained from it.
But the problem with using honeypots is they have large
overhead and consume resources like memory and IP
space, which is inefficient. Also they have to be
designed and deployed very carefully into the system
because if the integration is not seamless, attackers will
identify them and avoid them to target the actual services
The method is based on the fact that the cloud is
dynamic since new devices and services are added to it
all the time and this can be used to deceive potential
attackers. In the proposed technique unused resources
like network/IP space, bandwidth, etc. are used to set up
decoys. Attacks are classified and according to the
priority, corresponding no. of decoys are employed. As
the attackers will assume that the decoys are part of the
network, they will continue interacting with the decoys
and this will help the system to collect intelligence about
it and use it for training, assigning priority and future
reference. Hence in the future, if the system encounters a
similar attack, it will identify the malicious host and
direct it away from the main services and production [3].
Figure 2 shows the algorithm and structure of the
technique developed:
The main assumptions made in this method are as
follows:
Decoys are deployed only when demand of resources
on the cloud is less
Because the actual network devices change at a very
fast rate (assuming mobile devices like smart
phones), attackers cannot use a similar technique
every time, unlike in fixed networks.
The decoy coordinator will control the firewall, but
cannot generate content that will affect production.
4. Also production/ actual services will have no role in
the generation of decoys.
Decoys and the actual production hosts are placed on
separate subnets and there is no form of
communication between them
The method was implemented in Canonical’s Juju
framework since it is compatible with most of the
current cloud based APIs [3]. For the testing phase the
authors employed 20% of the resources for setting up
decoys and used an automatic deployment strategy to
respond to threats on N most frequently attacked public
subnet points. The prototype of the method was
developed in python and deployed in a Linux
environment. Testing was carried out on IPv4 subnet
addresses in academic network and the technique was
able to detect 1255 attacks and divert 97.5% of the
malicious traffic, while maintaining communication with
the attacker, in order to collect information, to classify
and prevent similar future attacks, and train the system
further. Figure 3 shows the results of the live setup in
which the decoy library was relegated to Kippo (SSH),
Glastopf (Web) and Dionaea (numerous protocols).
Figure 3. Results of the live test for the active deception
model [3] [Source: A. Brzeczko, A. Uluagac, R. Beyah, J.
Copeland, “Active Deception Model for Securing Cloud
Infrastructure”, INFOCOM WKSHPS, May 2014]
B. Solution 2 – Security Based on Defense in Depth
The second solution is a multilayered system based
on defense in depth, developed by T. Mavroeidakos, A.
Michalas and D. D. Vergados [8]. In the proposed method the
cloud infrastructure is divided into separate defensive zones,
based on the type of data with the proposed security
architecture being deployed in each zone. The actual
architecture will consist of different layers like the perimeter
defense layer, deceptive layer, detection layer and the
cryptography layer, as shown in Figure 4. Along with the
above proposed security architecture, for each defensive
zone separate firewalls and honeynets are also deployed
to prevent attackers from targeting the actual hosts.
Figure 4. Different layers of the proposed security system
architecture in [8] [Source: T. Mavroeidakos, A. Michalas and
D. D. Vergados, "Security architecture based on defense in
depth for Cloud Computing environment," INFOCOM
WKSHPS. 2016]
The model is deployed in the network layer of the
cloud computing environment of OpenStack and consists
of the controller, compute, network, block and object
nodes and implemented on Ubuntu 14.04. The
evaluation was performed using automated tools like
DDOSim, R-U-Dead-Yet (RUDY), LOIC, Nmap,
Nessus and Tcpdump [8] and Table 1 shows the
response of the proposed system to the attacks:
Table 1. Response time of the proposed system in [8] to
simulated attacks [Source: T. Mavroeidakos, A. Michalas and
D. D. Vergados, "Security architecture based on defense in
depth for Cloud Computing environment," INFOCOM
WKSHPS. 2016]
5. C. Analysis of the two proposed solutions
The first solution proposed in [3], the decoys
developed overcome the disadvantages of using
honeypots and also utilise less resources. But since
decoys are developed only when network resources
are free, cloud services will be vulnerable to attack
during periods of high user traffic and resource
utilisation. Also the technique is based on the
assumption that the cloud structure keeps changing.
Hence this feature of variability in cloud is used to
assume that the attacker will probably encounter a
decoy host. So this technique will not be equally
effective for static cloud service like data storage.
The second solution proposed in [8], because of the
deployment of honeypots along with the developed
security system, resources will be used and this will
lower the efficiency of the cloud network. Also by
dividing the cloud in different zones, the load on the
system will be less, and it can fend of different types
of attack. But this arrangement is possible only for
IaaS based storage services. In case of SaaS and
PaaS, the division of cloud cannot be done easily and
for such cases this security architecture will not work.
Also in the simulation result of the second method, it
takes close to 30 min to detect some form of the
attacks. If employed in an real time environment, a
large amount of data and users may be affected even
before the attack is detected and steps are taken to
stop it. Hence there is a need of much more robust
system that prevents the attack from occurring, rather
than take measures, after the attack has occured
One possible solution is to incorporate parts of both
the above techniques together. For example in the
second technique, instead of using honeypots, decoys
developed in the first method can be incorporated to
reduce the resource consumption.
CONCLUSION
Cloud Computing is still evolving and its integration
with other developing technologies like the Internet of
Things, has lead to new services and applications getting
incorporated every day. One of the main reasons for the
popularity of the cloud with application developers and
new users is the ease of access and but this is also the
main reason which leaves cloud exposed to attacks that
target data and user information and also affect the
Quality of Service. Because of the lack of a fixed
security structure, every cloud service provider offers
different set of security measure and this leaves them
exposed to attackers. Also lack of user authentication
and scanning of data and application on the cloud
increases the security risks. Although the above
discussed techniques provide a robust and resource
efficient solution to prevent attacks, still they operate
under assumptions that may not hold true in the real
environment. Although the above techniques provide
robust and effective solutions, they target specific
services of the cloud. In the future there is need of an
standardised security model that can be used effectively
for all types of services provided on the cloud and also
uses minimum network and cloud resources. Also with
IoT devices using cloud for data storage, analysis and
retrieval, security methods have to be designed keeping
in mind the services like SAaaS and DBaaS.
REFERENCES
[1].P. Mell, T. Grance,”The NIST Definition of Cloud
Computing (Technical report)”, National Institute of
Standards and Technology: U.S. Department of
Commerce, doi:10.6028/NIST.SP.800-145, Special
publication 800-145, September 2011
[2]. “Cisco Global Cloud Index: Forecast and
Methodology, 2015-2020 White Paper”, [online]:
www.cisco.com/c/dam/en/us/solutions/...cloud-
index.../white-paper-c11-738085.pdf
[3]. A. Brzeczko, A. S. Uluagac, R. Beyah and J.
Copeland, "Active deception model for securing cloud
infrastructure," 2014 IEEE Conference on Computer
Communications Workshops (INFOCOM WKSHPS),
Toronto, ON, 2014, pp. 535-540.
[4]. X Liao, S Alrwais, K Yuan, L Xing, XF Wang, S
Hao, R. Beyah, ‘Lurking Malice in the Cloud:
Understanding and Detecting Cloud Repository as a
Malicious Service’,Proceedings of the 2016 ACM
SIGSAC Conference on Computer and Communications
Security, Pages 1541-1552, October 2016
[5]. P. Li, S, Guo, T, Miyazaki, M. Xie, J. HU, W.
Zhuang, “Privacy-Preserving Access to Big Data in the
Cloud”, IEEE Cloud Computing, Vol 3, Issue 5, Pages
34-42. Sept.-Oct. 2016
[6]. R. Padilha, F. Pedone, "Confidentiality in the
cloud", Security Privacy IEEE, vol. 13, no. 1, pp. 57-60,
Jan 2015
6. [7]. J. Margulies, “Securing Cloud-Based Applications,
Part 1”, IEEE Security & Privacy Vol. 13, Issue 5,pages
96-98, Sept.-Oct. 2015
[8]. T. Mavroeidakos, A. Michalas and D. D. Vergados,
"Security architecture based on defense in depth for
Cloud Computing environment," 2016 IEEE Conference
on Computer Communications Workshops (INFOCOM
WKSHPS), San Francisco, CA, 2016, pp. 334-339