An approach has been presented in this paper in order to generate a secure environment on internet Based Virtual Computing platform and also to reduce energy consumption in green cloud computing. The proposed approach constantly checks the accuracy of stored data by means of a central control service inside the network environment and also checks system security through isolating single virtual machines using a common virtual environment. This approach has been simulated on two types of Virtual Machine Manager (VMM) Quick EMUlator (Qemu), HVM (Hardware Virtual Machine) Xen and outputs of the simulation in VMInsight show that when service is getting singly used, the overhead of its performance will be increased. As a secure system, the proposed approach is able to recognize malicious behaviors and assure service security by means of operational integrity measurement. Moreover, the rate of system efficiency has been evaluated according to the amount of energy consumption on five applications (Defragmentation, Compression, Linux Boot Decompression and Kernel Boot). Therefore, this has been resulted that to secure multi-tenant environment, managers and supervisors should independently install a security monitoring system for each Virtual Machines (VMs) which will come up to have the management heavy workload of. While the proposed approach, can respond to all VM’s with just one virtual machine as a supervisor.
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
IT Security Risk Mitigation Report: Virtualization SecurityBooz Allen Hamilton
Security is a major area of concern for any organization deploying a virtual environment. The introduction of VMs has created security considerations unheard of just a few years ago. This report provides insight into managing these new risks, and shows how Booz Allen’s expertise helps organizations develop comprehensive and secure virtualization solutions that comply with federal security standards.
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environmentsmlaij
Incredible and amazing growths in the meadow of extranet, internet, intranet and its users have developed an innovative period of great global competition and contention. Denial of service attack by several computers is accomplished of distressing the services of competitor servers. The attack can be done for various reasons. So it is a key threat for cloud environment. Distributed-Denial of Service (DDoS) is a key intimidation to network and cloud computing security. Cloud computing Network is a group of nodes that interrelate with each other for switch over the information. So security is the major issue. There are several security attacks in cloud computing. One of the major intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two different behaviours they may happen obviously or it may due to some attackers.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Cloud computing has changed the entire process that distributed computing used to present e.g. Grid
computing, server client computing. Cloud computing describes recent developments in many existing IT
technologies and separates application and information resources from the underlying infrastructure.
Cloud computing security is an important aspect of quality of service from cloud service providers.
Security concerns arise as soon as one begins to run applications beyond the designated firewall and move
closer towards the public domain. In violation of security in any component in the cloud can be disaster for
the organization (the customer) as well as for the provider. In this paper, we propose a cloud security
model and security framework that identifies security challenges in cloud computing.
EFFECTIVE METHOD FOR MANAGING AUTOMATION AND MONITORING IN MULTI-CLOUD COMPUT...IJNSA Journal
Multi-cloud is an advanced version of cloud computing that allows its users to utilize different cloud systems from several Cloud Service Providers (CSPs) remotely. Although it is a very efficient computing
facility, threat detection, data protection, and vendor lock-in are the major security drawbacks of this infrastructure. These factors act as a catalyst in promoting serious cyber-crimes of the virtual world. Privacy and safety issues of a multi-cloud environment have been overviewed in this research paper. The
objective of this research is to analyze some logical automation and monitoring provisions, such as monitoring Cyber-physical Systems (CPS), home automation, automation in Big Data Infrastructure (BDI), Disaster Recovery (DR), and secret protection. The Results of this research investigation indicate that it is possible to avoid security snags of a multi-cloud interface by adopting these scientific solutions methodically.
IT Security Risk Mitigation Report: Virtualization SecurityBooz Allen Hamilton
Security is a major area of concern for any organization deploying a virtual environment. The introduction of VMs has created security considerations unheard of just a few years ago. This report provides insight into managing these new risks, and shows how Booz Allen’s expertise helps organizations develop comprehensive and secure virtualization solutions that comply with federal security standards.
A Multi-Level Security for Preventing DDOS Attacks in Cloud Environmentsmlaij
Incredible and amazing growths in the meadow of extranet, internet, intranet and its users have developed an innovative period of great global competition and contention. Denial of service attack by several computers is accomplished of distressing the services of competitor servers. The attack can be done for various reasons. So it is a key threat for cloud environment. Distributed-Denial of Service (DDoS) is a key intimidation to network and cloud computing security. Cloud computing Network is a group of nodes that interrelate with each other for switch over the information. So security is the major issue. There are several security attacks in cloud computing. One of the major intimidations to internet examine is DDoS attack. It is a malevolent effort to suspending or suspends services to destination node. DDoS or DoS is an effort to create network resource or the machine is busy to its intentional user. Numerous thoughts are developed for avoid the DDoS or DoS. DDoS occur in two different behaviours they may happen obviously or it may due to some attackers.
SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDSIJNSA Journal
Cloud computing is a new innovative model for enterprise in which information is permanently stored on the servers and also manage how and when different resources are allocate to the requested users. It provides distributed approach through which resources are allocated dynamically to the users without investing in the infrastructure or licensing the software’s on the client side. Using the cloud makes processing of information is more commodious but it also present them with new security problems about reliability.This phenomenon introduces serious problems regarding access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary that we must know different areas where the security is needed. For this there should also governess strategy needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilizing the benefit of cloud computing through the network where data security, provide authentication, integration, recovery, IP spoofing and Virtual Servers are the most captiousfields in the cloud.
Cloud computing has changed the entire process that distributed computing used to present e.g. Grid
computing, server client computing. Cloud computing describes recent developments in many existing IT
technologies and separates application and information resources from the underlying infrastructure.
Cloud computing security is an important aspect of quality of service from cloud service providers.
Security concerns arise as soon as one begins to run applications beyond the designated firewall and move
closer towards the public domain. In violation of security in any component in the cloud can be disaster for
the organization (the customer) as well as for the provider. In this paper, we propose a cloud security
model and security framework that identifies security challenges in cloud computing.
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...Dhana Raj Markandu
Conference on Electricity Power Supply Industry (CEPSI) 2012, Bali, Indonesia
(Accepted for presentation but not published due to unforeseen withdrawal of author)
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
RAMEWORKS FOR CLOUD COMPUTING: A CRITICAL REVIEWijcsit
Cloud computing technology has experienced exponential growth over the past few years. It provides many
advantages for both individuals and organizations. However, at the same time, many issues have arisen due
to the vast growth of cloud computing. Organizations often have concerns about the migration and
utilization of cloud computing due to the loss of control over their outsourced resources and cloud
computing is vulnerable to risks. Thus, a cloud provider needs to manage the cloud computing environment
risks in order to identify, assess, and prioritize the risks in order to decrease those risks, improve security,
increase confidence in cloud services, and relieve organizations’ concerns on the issue of using a cloud
environment. Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become widespread. The aim
of this paper is to review the previously proposed risk management frameworks for cloud computing and to
make a comparison between them in order to determine the strengths and weaknesses of each of them. The
review will consider the extent of the inv
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
CARE –AN ARCHITECTURAL APPROACH FOR A MULTIMEDIA ASSISTANCE SYSTEM FOR SINGLE...IJITCA Journal
In contrast to the increasing degree of automation in the production industry, commissioning and maintenance activities will essentially be limited to manual activities. Production involves repetitive actions that are manageable and clearly defined as a process. Unlike this, commissioning and maintenance have to deal with uncontrollable, undefined, and non - standardized processes. The paper provides a
framework for a multimedia assistance system for singletons. It was found that the paradigm has to consist of five key components to provide tailored assistance to customers. These key components are Expertise, Infrastructure, Application & Platforms, Security & Privacy and Business Process & Business Model. The resulting stack and the overlaying business model are called "CaRE – Custom Assistance for Remote Employees". With possible Architectural Smells and Anti-Pattern in mind, a Microservice Architecture shall be presented which forms the backend-system of CaRE.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Virtualization is a technology that has greatly benefited businesses around the globe. The technology has a significant impact on the modern IT landscape and today plays a key role in the development and delivery of cloud computing solutions.However, the adoption of this advanced technology has major security implications on businesses
today. The adoption of Virtualization has openeddoors to a broad range of challenges for businesses in the industry. Especially, for organizations
that are PCI regulated and required to comply with PCI DSS Standards, the challenges in this area only seem to grow.
A Survey on Security Risk Management Frameworks in Cloud Computing csandit
Cloud computing technology has experienced exponential growth over the past few years. It
provides many advantages for both individuals and organizations. However, at the same time,
many issues have arisen due to the vast growth of cloud computing. Organizations often have
concerns about the migration and utilization of cloud computing due to the loss of control over
their outsourced resources and cloud computing is vulnerable to risks. Thus, a cloud provider
needs to manage the cloud computing environment risks in order to identify, assess, and
prioritize the risks in order to decrease those risks, improve security, increase confidence in
cloud services, and relieve organizations’ concerns on the issue of using a cloud environment.
Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become
widespread. The aim of this paper is to review the previously proposed risk management
frameworks for cloud computing and to make a comparison between them in order to determine
the strengths and weaknesses of each of them. The review will consider the extent of the
involvement and participation of consumers in cloud computing and other issues.
Analyzing the Difference of Cluster, Grid, Utility & Cloud ComputingIOSRjournaljce
: Virtualization and cloud computing is creating a fundamental change in computer architecture,
software and tools development, in the way we store, distribute and consume information. In the recent era of
autonomic computing it comes the importance and need of basic concepts of having and sharing various
hardware and software and other resources & applications that can manage themself with high level of human
guidance. Virtualization or Autonomic computing is not a new to the world, but it developed rapidly with Cloud
computing. In this paper there give an overview of various types of computing. There will be discussion on
Cluster, Grid computing, Utility & Cloud Computing. Analysis architecture, differences between them,
characteristics , its working, advantages and disadvantages
Ant colony Optimization: A Solution of Load balancing in Cloud dannyijwest
As the cloud computing is a new style of computing over internet. It has many advantages along with some
crucial issues to be resolved in order to improve reliability of cloud environment. These issues are related
with the load management, fault tolerance and different security issues in cloud environment. In this paper
the main concern is load balancing in cloud computing. The load can be CPU load, memory capacity,
delay or network load. Load balancing is the process of distributing the load among various nodes of a
distributed system to improve both resource utilization and job response time while also avoiding a
situation where some of the nodes are heavily loaded while other nodes are idle or doing very little work.
Load balancing ensures that all the processor in the system or every node in the network does
approximately the equal amount of work at any instant of time. Many methods to resolve this problem has
been came into existence like Particle Swarm Optimization, hash method, genetic algorithms and several
scheduling based algorithms are there. In this paper we are proposing a method based on Ant Colony
optimization to resolve the problem of load balancing in cloud environment.
Abstract: Distributed computing is a situated of IT administrations that are given to a client more than a system on a rented premise and with the capacity to scale up or down their administration necessities. Generally cloud registering administrations are conveyed by an outsider supplier who possesses the foundation. It favorable circumstances to specify yet a couple incorporate versatility, strength, adaptability, productivity and outsourcing non-center exercises. Distributed computing offers an imaginative plan of action for associations to receive IT benefits without forthright speculation. Notwithstanding the potential increases accomplished from the distributed computing, the associations are moderate in tolerating it because of security issues and difficulties connected with it. Security is one of the significant issues which hamper the development of cloud. The thought of giving over vital information to another organization is troubling; such that the shoppers should be cautious in comprehension the dangers of information breaks in this new environment. This paper presents a point by point examination of the distributed computing security issues furthermore, difficulties concentrating on the distributed computing sorts and the administration conveyance sorts.Keywords: Cloud Computing, Scalability, Infrastructure, IT.
Title: Cloud Computing Security Issues and Challenges
Author: Nishant Katiyar
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...Dhana Raj Markandu
Conference on Electricity Power Supply Industry (CEPSI) 2012, Bali, Indonesia
(Accepted for presentation but not published due to unforeseen withdrawal of author)
Today, in the world of communication, connected systems is growing at a rapid pace. To accommodate this growth the need for computational power and storage is also increasing at a similar rate. Companies are investing a large amount of resources in buying, maintaining and ensuring availability of the system to their customers. To mitigate these issues, cloud computing is playing a major role [1]. The underlying concept of cloud computing dates back to the ‘50s but the term entering into widespread usage can be traced to 2006 when Amazon.com announced the Elastic Compute Cloud. In this paper, we will discuss about cloud security approaches. We have used the term “CloudDrain” to define data leakage in case of security compromise.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
RAMEWORKS FOR CLOUD COMPUTING: A CRITICAL REVIEWijcsit
Cloud computing technology has experienced exponential growth over the past few years. It provides many
advantages for both individuals and organizations. However, at the same time, many issues have arisen due
to the vast growth of cloud computing. Organizations often have concerns about the migration and
utilization of cloud computing due to the loss of control over their outsourced resources and cloud
computing is vulnerable to risks. Thus, a cloud provider needs to manage the cloud computing environment
risks in order to identify, assess, and prioritize the risks in order to decrease those risks, improve security,
increase confidence in cloud services, and relieve organizations’ concerns on the issue of using a cloud
environment. Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become widespread. The aim
of this paper is to review the previously proposed risk management frameworks for cloud computing and to
make a comparison between them in order to determine the strengths and weaknesses of each of them. The
review will consider the extent of the inv
The Riisk and Challllenges off Clloud ComputtiingIJERA Editor
Cloud computing is a computing technology aiming to share storage, computation, and services transparently
among a massive users. Current cloud computing systems pose serious limitation to protecting the confidentiality
of user data. Since the data share and stored is presented in unencrypted forms to remote machines owned and
operated by third party service providers despite it sensitivity (example contact address, mails), the risks of
disclosing user confidential data by service providers may be quite high and the risk of attacking cloud storage
by third party is also increasing. The purpose of this study is to review researches done on this technology,
identify the security risk and explore some techniques for protecting users‟ data from attackers in the cloud.
CARE –AN ARCHITECTURAL APPROACH FOR A MULTIMEDIA ASSISTANCE SYSTEM FOR SINGLE...IJITCA Journal
In contrast to the increasing degree of automation in the production industry, commissioning and maintenance activities will essentially be limited to manual activities. Production involves repetitive actions that are manageable and clearly defined as a process. Unlike this, commissioning and maintenance have to deal with uncontrollable, undefined, and non - standardized processes. The paper provides a
framework for a multimedia assistance system for singletons. It was found that the paradigm has to consist of five key components to provide tailored assistance to customers. These key components are Expertise, Infrastructure, Application & Platforms, Security & Privacy and Business Process & Business Model. The resulting stack and the overlaying business model are called "CaRE – Custom Assistance for Remote Employees". With possible Architectural Smells and Anti-Pattern in mind, a Microservice Architecture shall be presented which forms the backend-system of CaRE.
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Virtualization is a technology that has greatly benefited businesses around the globe. The technology has a significant impact on the modern IT landscape and today plays a key role in the development and delivery of cloud computing solutions.However, the adoption of this advanced technology has major security implications on businesses
today. The adoption of Virtualization has openeddoors to a broad range of challenges for businesses in the industry. Especially, for organizations
that are PCI regulated and required to comply with PCI DSS Standards, the challenges in this area only seem to grow.
A Survey on Security Risk Management Frameworks in Cloud Computing csandit
Cloud computing technology has experienced exponential growth over the past few years. It
provides many advantages for both individuals and organizations. However, at the same time,
many issues have arisen due to the vast growth of cloud computing. Organizations often have
concerns about the migration and utilization of cloud computing due to the loss of control over
their outsourced resources and cloud computing is vulnerable to risks. Thus, a cloud provider
needs to manage the cloud computing environment risks in order to identify, assess, and
prioritize the risks in order to decrease those risks, improve security, increase confidence in
cloud services, and relieve organizations’ concerns on the issue of using a cloud environment.
Considering that a conventional risk management framework does not fit well with cloud
computing due to the complexity of its environment, research in this area has become
widespread. The aim of this paper is to review the previously proposed risk management
frameworks for cloud computing and to make a comparison between them in order to determine
the strengths and weaknesses of each of them. The review will consider the extent of the
involvement and participation of consumers in cloud computing and other issues.
Analyzing the Difference of Cluster, Grid, Utility & Cloud ComputingIOSRjournaljce
: Virtualization and cloud computing is creating a fundamental change in computer architecture,
software and tools development, in the way we store, distribute and consume information. In the recent era of
autonomic computing it comes the importance and need of basic concepts of having and sharing various
hardware and software and other resources & applications that can manage themself with high level of human
guidance. Virtualization or Autonomic computing is not a new to the world, but it developed rapidly with Cloud
computing. In this paper there give an overview of various types of computing. There will be discussion on
Cluster, Grid computing, Utility & Cloud Computing. Analysis architecture, differences between them,
characteristics , its working, advantages and disadvantages
Ant colony Optimization: A Solution of Load balancing in Cloud dannyijwest
As the cloud computing is a new style of computing over internet. It has many advantages along with some
crucial issues to be resolved in order to improve reliability of cloud environment. These issues are related
with the load management, fault tolerance and different security issues in cloud environment. In this paper
the main concern is load balancing in cloud computing. The load can be CPU load, memory capacity,
delay or network load. Load balancing is the process of distributing the load among various nodes of a
distributed system to improve both resource utilization and job response time while also avoiding a
situation where some of the nodes are heavily loaded while other nodes are idle or doing very little work.
Load balancing ensures that all the processor in the system or every node in the network does
approximately the equal amount of work at any instant of time. Many methods to resolve this problem has
been came into existence like Particle Swarm Optimization, hash method, genetic algorithms and several
scheduling based algorithms are there. In this paper we are proposing a method based on Ant Colony
optimization to resolve the problem of load balancing in cloud environment.
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
Network Intrusion detection and Countermeasure Election in virtual network systems (NICE) are used to establish a
defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into
the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion
detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to
compromise VMs, thus preventing zombie VMs. NICE includes two main phases: deploy a lightweight mirroring-based network
intrusion detection agent (NICE-A) on each cloud server to capture and analyze cloud traffic. A NICE-A periodically scans the virtual
system vulnerabilities within a cloud server to establish Scenario Attack Graph (SAGs), and then based on the severity of identified
vulnerability toward the collaborative attack goals, NICE will decide whether or not to put a VM in network inspection state. Once a
VM enters inspection state, Deep Packet Inspection (DPI) is applied, and/or virtual network reconfigurations can be deployed to the
inspecting VM to make the potential attack behaviors prominent.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGijcsit
Virtualization has become a widely and attractive employed technology in cloud computing environments. Sharing of a single physical machine between multiple isolated virtual machines leading to a more optimized hardware usage, as well as make the migration and management of a virtual system more efficiently than its physical counterpart. Virtualization is a fundamental technology in a cloud environment. However, the presence of an additional abstraction layer among software and hardware causes new security issues. Security issues related to virtualization technology have become a significant concern for organizations due to arising some new security challenges.
Virtualization has become a widely and attractive employed technology in cloud computing environments. Sharing of a single physical machine between multiple isolated virtual machines leading to a more optimized hardware usage, as well as make the migration and management of a virtual system more efficiently than its physical counterpart. Virtualization is a fundamental technology in a cloud environment. However, the presence of an additional abstraction layer among software and hardware causes new security issues. Security issues related to virtualization technology have become a significant concern for organizations due to arising some new security challenges. This paper aims to identify the main challenges and risks of virtualization in cloud computing environments. Furthermore, it focuses on some common virtual-related threats and attacks affect the security of cloud computing. The survey was conducted to obtain the views of the cloud stakeholders on virtualization vulnerabilities, threats, and approaches that can be used to overcome them. Finally, we propose recommendations for improving security, and mitigating risks encounter virtualization that necessary to adopt secure cloud computing.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
Cloud computing is a progressive innovation that has achieved new extravagances in the field of
Information Technology. It gives a wellspring of information and application programming stockpiling as
colossal server farms called 'mists', which can be gotten to with the assistance of a system association.
These mists boost the capacities of undertakings with no additional set-up, faculty or permitting costs.
Mists are for the most part sent utilizing Public, Private or Hybrid models relying on the necessities of the
client. In this paper, we have explored the distributed computing engineering, concentrating on the
elements of the Public, Private and Hybrid cloud models. There is a dire need to examine the performance
of a cloud environment on several metrics and enhance its usability and capability. This paper aims at
highlighting important contributions of various researchers in domains like computational power,
performance provisioning, Load balancing and SLAs.
A traditional computing environment requires a costly
infrastructure to offer a better service to users. The introduction
of cloud computing has changed the working environment from
traditional to virtual. A larger number of IT companies are
utilizing the cloud. On the one hand, the cloud attracts more
number of consumers by offering services with minimized
capital cost and virtual infrastructure. On the other hand, there
are a risk and security challenges in cloud computing that
makes the user not to move completely towards it. The cloud
environment is more vulnerable to security breaches and data
theft. Moreover, insider attacks are more frequent in larger
enterprises. An unauthenticated user can cause more damage
to company reputation. The cloud service providers are trying
to provide a secure work environment for users. However,
there is a lack of global standards and policies to invoke
security measures in cloud computing. This study aims to
highlight and classify security challenges and trust issues in the
cloud environment.
The survey was conducted in various institutions and
governmental organizations in Saudi Arabia to study the
opinions of stakeholders on cloud computing security
challenges and risks.
Links:
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
Virtualized Web Desktop Towards A Faster Web Cloud Operating Systemijbuiiir1
All Operating Systems provide interface to users and inherent applications running on a system. Today with the advancement in the field of cloud computing, its services are in high demand. The Cloud is becoming an active paradigm of computation through services. However, such services do not prove to be very efficient in slow networks. Thus, the paper intends to achieve faster response of services provided by the Cloud infrastructure through the use of a new mechanism of servicing client requests. The focus of the paper is to realize most operating system functions at the client side over the Cloud infrastructure using the virtualization technique. It also proposes to overcome the issues present in the current infrastructure service and resulting in a faster service
SECURITY AND PRIVACY OF SENSITIVE DATA IN CLOUD COMPUTING: A SURVEY OF RECENT...cscpconf
Cloud computing is revolutionizing many ecosystems by providing organizations with computing resources featuring easy deployment, connectivity, configuration, automation and scalability. This paradigm shift raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-of-the-art projects on cloud security and privacy. We categorize the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the existing developments in privacy-preserving sensitive data approaches in cloud computing such as privacy threat modeling and privacy enhancing protocols and solutions.
Similar to Using Virtualization Technique to Increase Security and Reduce Energy Consumption in Cloud Computing (20)
Help the Genetic Algorithm to Minimize the Urban Traffic on IntersectionsIJORCS
Control of traffic lights at the intersections of the main issues is the optimal traffic. Intersections to regulate traffic flow of vehicles and eliminate conflicting traffic flows are used. Modeling and simulation of traffic are widely used in industry. In fact, the modeling and simulation of an industrial system is studied before creating economically and when it is affordable. The aim of this article is a smart way to control traffic. The first stage of the project with the objective of collecting statistical data (cycle time of each of the intersection of the lights of vehicles is waiting for a red light) steps where the data collection found optimal amounts next it is. Introduced by genetic algorithm optimization of parameters is performed. GA begin with coding step as a binary variable (the range specified by the initial data set is obtained) will start with an initial population and then a new generation of genetic operators mutation and crossover and will Finally, the members of the optimal fitness values are selected as the solution set. The optimal output of Petri nets CPN TOOLS modeling and software have been implemented. The results indicate that the performance improvement project in intersections traffic control systems. It is known that other data collected and enforced intersections of evolutionary methods such as genetic algorithms to reduce the waiting time for traffic lights behind the red lights and to determine the appropriate cycle.
Welcoming the research scholars, scientists around the globe in the Open Access Dimension, IJORCS is now accepting manuscripts for its next issue (Volume 4, Issue 4). Authors are encouraged to contribute to the research community by submitting to IJORCS, articles that clarify new research results, projects, surveying works and industrial experiences that describe significant advances in field of computer science.
All paper submissions (http://www.ijorcs.org/submit-paper) are received and managed electronically by IJORCS Team. Detailed instructions about the submission procedure are available on IJORCS website (http://www.ijorcs.org/author-guidelines)
License plate recognition system is one of the core technologies in intelligent traffic control. In this paper, a new and tunable algorithm which can detect multiple license plates in high resolution applications is proposed. The algorithm aims at investigation into and identification of the novel Iranian and some European countries plate, characterized by both inclusion of blue area on it and its geometric shape. Obviously, the suggested algorithm contains suitable velocity due to not making use of heavy pre-processing operation such as image-improving filters, edge-detection operation and omission of noise at the beginning stages. So, the recommended method of ours is compatible with model-adaptation, i.e., the very blue section of the plate so that the present method indicated the fact that if several plates are included in the image, the method can successfully manage to detect it. We evaluated our method on the two Persian single vehicle license plate data set that we obtained 99.33, 99% correct recognition rate respectively. Further we tested our algorithm on the Persian multiple vehicle license plate data set and we achieved 98% accuracy rate. Also we obtained approximately 99% accuracy in character recognition stage.
FPGA Implementation of FIR Filter using Various Algorithms: A RetrospectiveIJORCS
This Paper is a review study of FPGA implementation of Finite Impulse response (FIR) with low cost and high performance. The key observation of this paper is an elaborate analysis about hardware implementations of FIR filters using different algorithm i.e., Distributed Arithmetic (DA), DA-Offset Binary Coding (DA-OBC), Common Sub-expression Elimination (CSE) and sum-of-power-of-two (SOPOT) with less resources and without affecting the performance of the original FIR Filter.
Algebraic Fault Attack on the SHA-256 Compression FunctionIJORCS
The cryptographic hash function SHA-256 is one member of the SHA-2 hash family, which was proposed in 2000 and was standardized by NIST in 2002 as a successor of SHA-1. Although the differential fault attack on SHA-1compression function has been proposed, it seems hard to be directly adapted to SHA-256. In this paper, an efficient algebraic fault attack on SHA-256 compression function is proposed under the word-oriented random fault model. During the attack, an automatic tool STP is exploited, which constructs binary expressions for the word-based operations in SHA-256 compression function and then invokes a SAT solver to solve the equations. The simulation of the new attack needs about 65 fault injections to recover the chaining value and the input message block with about 200 seconds on average. Moreover, based on the attack on SHA-256 compression function, an almost universal forgery attack on HMAC-SHA-256 is presented. Our algebraic fault analysis is generic, automatic and can be applied to other ARX-based primitives.
Enhancement of DES Algorithm with Multi State LogicIJORCS
The principal goal to design any encryption algorithm must be the security against unauthorized access or attacks. Data Encryption Standard algorithm is a symmetric key algorithm and it is used to secure the data. Enhanced DES algorithm works on increasing the key length or complex S-BOX design or increased the number of states in which the information is to be represented or combination of above criteria. By increasing the key length, the number of combinations for key will increase which is hard for the intruder to do the brute force attack. As the S-BOX design will become the complex there will be a good avalanche effect. As the number of states increases in which the information is represented, it is hard for the intruder to crack the actual information. Proposed algorithm replace the predefined XOR operation applied during the 16 round of the standard algorithm by a new operation called “Hash function” depends on using two keys. One key used in “F” function and another key consists of a combination of 16 states (0,1,2…13,14,15) instead of the ordinary 2 state key (0, 1). This replacement adds a new level of protection strength and more robustness against breaking methods.
Hybrid Simulated Annealing and Nelder-Mead Algorithm for Solving Large-Scale ...IJORCS
This paper presents a new algorithm for solving large scale global optimization problems based on hybridization of simulated annealing and Nelder-Mead algorithm. The new algorithm is called simulated Nelder-Mead algorithm with random variables updating (SNMRVU). SNMRVU starts with an initial solution, which is generated randomly and then the solution is divided into partitions. The neighborhood zone is generated, random number of partitions are selected and variables updating process is starting in order to generate a trail neighbor solutions. This process helps the SNMRVU algorithm to explore the region around a current iterate solution. The Nelder- Mead algorithm is used in the final stage in order to improve the best solution found so far and accelerates the convergence in the final stage. The performance of the SNMRVU algorithm is evaluated using 27 scalable benchmark functions and compared with four algorithms. The results show that the SNMRVU algorithm is promising and produces high quality solutions with low computational costs.
Welcoming the research scholars, scientists around the globe in the Open Access Dimension, IJORCS is now accepting manuscripts for its next issue (Volume 4, Issue 2). Authors are encouraged to contribute to the research community by submitting to IJORCS, articles that clarify new research results, projects, surveying works and industrial experiences that describe significant advances in field of computer science.
To view complete list of topics coverage of IJORCS, Aim & Scope, please visit, www.ijorcs.org/scope
Welcoming the research scholars, scientists around the globe in the Open Access Dimension, IJORCS is now accepting manuscripts for its next issue (Volume 4, Issue 1). Authors are encouraged to contribute to the research community by submitting to IJORCS, articles that clarify new research results, projects, surveying works and industrial experiences that describe significant advances in field of computer science.
Voice Recognition System using Template MatchingIJORCS
It is easy for human to recognize familiar voice but using computer programs to identify a voice when compared with others is a herculean task. This is due to the problem that is encountered when developing the algorithm to recognize human voice. It is impossible to say a word the same way in two different occasions. Human speech analysis by computer gives different interpretation based on varying speed of speech delivery. This research paper gives detail description of the process behind implementation of an effective voice recognition algorithm. The algorithm utilize discrete Fourier transform to compare the frequency spectra of two voice samples because it remained unchanged as speech is slightly varied. Chebyshev inequality is then used to determine whether the two voices came from the same person. The algorithm is implemented and tested using MATLAB.
Channel Aware Mac Protocol for Maximizing Throughput and FairnessIJORCS
The proper channel utilization and the queue length aware routing protocol is a challenging task in MANET. To overcome this drawback we are extending the previous work by improving the MAC protocol to maximize the Throughput and Fairness. In this work we are estimating the channel condition and Contention for a channel aware packet scheduling and the queue length is also calculated for the routing protocol which is aware of the queue length. The channel is scheduled based on the channel condition and the routing is carried out by considering the queue length. This queue length will provide a measurement of traffic load at the mobile node itself. Depending upon this load the node with the lesser load will be selected for the routing; this will effectively balance the load and improve the throughput of the ad hoc network.
A Review and Analysis on Mobile Application Development Processes using Agile...IJORCS
Over a last decade, mobile telecommunication industry has observed a rapid growth, proved to be highly competitive, uncertain and dynamic environment. Besides its advancement, it has also raised number of questions and gained concern both in industry and research. The development process of mobile application differs from traditional softwares as the users expect same features similar to their desktop computer applications with additional mobile specific functionalities. Advanced mobile applications require assimilation with existing enterprise computing systems such as databases, legacy applications and Web services. In addition, the lifecycle of a mobile application moves much faster than that of a traditional Web application and therefore the lifecycle management associated therein must be adjusted accordingly. The Security and application testing are more stimulating and interesting in mobile application than in Web applications since the technology in mobile devices progresses rapidly and developers must stay in touch with the latest developments, news and trends in their area of work. With the rising competence of software market, researchers are seeking more flexible methods that can adjust to dynamic situations where software system requirements are changing over time, producing valuable software in short duration and within low budget. The intrinsic uncertainty and complexity in any software project therefore requires an iterative developmental plan to cope with uncertainty and a large number of unknown variables. Agile Methodologies were thus introduced to meet the new requirements of the software development companies. The agile methodologies aim at facilitating software development processes where changes are acceptable at any stage and provide a structure for highly collaborative software development. Therefore, the present paper aims in reviewing and analysing different prevalent methodologies utilizing agile techniques that are currently in use for the development of mobile applications. This paper provides a detailed review and analysis on the use of agile methodologies in the proposed processes associated with mobile application skills and highlights its benefit and constraints. In addition, based on this analysis, future research needs are identified and discussed.
Congestion Prediction and Adaptive Rate Adjustment Technique for Wireless Sen...IJORCS
In general, nodes in Wireless Sensor Networks (WSNs) are equipped with limited battery and computation capabilities but the occurrence of congestion consumes more energy and computation power by retransmitting the data packets. Thus, congestion should be regulated to improve network performance. In this paper, we propose a congestion prediction and adaptive rate adjustment technique for Wireless Sensor Networks. This technique predicts congestion level using fuzzy logic system. Node degree, data arrival rate and queue length are taken as inputs to the fuzzy system and congestion level is obtained as an outcome. When the congestion level is amidst moderate and maximum ranges, adaptive rate adjustment technique is triggered. Our technique prevents congestion by controlling data sending rate and also avoids unsolicited packet losses. By simulation, we prove the proficiency our technique. It increases system throughput and network performance significantly.
A Study of Routing Techniques in Intermittently Connected MANETsIJORCS
A Mobile Ad hoc Network (MANET) is a self-configuring infrastructure less network of mobile devices connected by wireless. These are a kind of wireless Ad hoc Networks that usually has a routable networking environment on top of a Link Layer Ad hoc Network. The routing approach in MANET includes mainly three categories viz., Reactive Protocols, Proactive Protocols and Hybrid Protocols. These traditional routing schemes are not pertinent to the so called Intermittently Connected Mobile Ad hoc Network (ICMANET). ICMANET is a form of Delay Tolerant Network, where there never exists a complete end – to – end path between two nodes wishing to communicate. The intermittent connectivity araise when network is sparse or highly mobile. Routing in such a spasmodic environment is arduous. In this paper, we put forward the indication of prevailing routing approaches for ICMANET with their benefits and detriments
Improving the Efficiency of Spectral Subtraction Method by Combining it with ...IJORCS
In the field of speech signal processing, Spectral subtraction method (SSM) has been successfully implemented to suppress the noise that is added acoustically. SSM does reduce the noise at satisfactory level but musical noise is a major drawback of this method. To implement spectral subtraction method, transformation of speech signal from time domain to frequency domain is required. On the other hand, Wavelet transform displays another aspect of speech signal. In this paper we have applied a new approach in which SSM is cascaded with wavelet thresholding technique (WTT) for improving the quality of speech signal by removing the problem of musical noise to a great extent. Results of this proposed system have been simulated on MATLAB.
An Adaptive Load Sharing Algorithm for Heterogeneous Distributed SystemIJORCS
Due to the restriction of designing faster and faster computers, one has to find the ways to maximize the performance of the available hardware. A distributed system consists of several autonomous nodes, where some nodes are busy with processing, while some nodes are idle without any processing. To make better utilization of the hardware, the tasks or load of the overloaded node will be sent to the under loaded node that has less processing weight to minimize the response time of the tasks. Load balancing is a tool used effectively for balancing the load among the systems. Dynamic load balancing takes into account of the current system state for migration of the tasks from heavily loaded nodes to the lightly loaded nodes. In this paper, we devised an adaptive load-sharing algorithm to balance the load by taking into consideration of connectivity among the nodes, processing capacity of each node and link capacity.
The Design of Cognitive Social Simulation Framework using Statistical Methodo...IJORCS
Modeling the behavior of the cognitive architecture in the context of social simulation using statistical methodologies is currently a growing research area. Normally, a cognitive architecture for an intelligent agent involves artificial computational process which exemplifies theories of cognition in computer algorithms under the consideration of state space. More specifically, for such cognitive system with large state space the problem like large tables and data sparsity are faced. Hence in this paper, we have proposed a method using a value iterative approach based on Q-learning algorithm, with function approximation technique to handle the cognitive systems with large state space. From the experimental results in the application domain of academic science it has been verified that the proposed approach has better performance compared to its existing approaches.
An Enhanced Framework for Improving Spatio-Temporal Queries for Global Positi...IJORCS
To efficiently process continuous spatio-temporal queries, we need to efficiently and effectively handle large number of moving objects and continuous updates on these queries. In this paper, we propose a framework that employs a new indexing algorithm that is built on top of SQL Server 2008 and avoid the overhead related to R-Tree indexing. To answer range queries, we utilize dynamic materialized view concept to efficiently handle update queries. We propose an adaptive safe region to reduce communication costs between the client and the server and to minimize position update load. Caching of results was utilized to enhance the overall performance of the framework. To handle concurrent spatio-temporal queries, we utilize publish/subscribe paradigm to group similar queries and efficiently process these requests. Experiments show that the overall proposed framework performance was able to outperform R-Tree index and produce promising and satisfactory results.
A PSO-Based Subtractive Data Clustering AlgorithmIJORCS
There is a tremendous proliferation in the amount of information available on the largest shared information source, the World Wide Web. Fast and high-quality clustering algorithms play an important role in helping users to effectively navigate, summarize, and organize the information. Recent studies have shown that partitional clustering algorithms such as the k-means algorithm are the most popular algorithms for clustering large datasets. The major problem with partitional clustering algorithms is that they are sensitive to the selection of the initial partitions and are prone to premature converge to local optima. Subtractive clustering is a fast, one-pass algorithm for estimating the number of clusters and cluster centers for any given set of data. The cluster estimates can be used to initialize iterative optimization-based clustering methods and model identification methods. In this paper, we present a hybrid Particle Swarm Optimization, Subtractive + (PSO) clustering algorithm that performs fast clustering. For comparison purpose, we applied the Subtractive + (PSO) clustering algorithm, PSO, and the Subtractive clustering algorithms on three different datasets. The results illustrate that the Subtractive + (PSO) clustering algorithm can generate the most compact clustering results as compared to other algorithms.
Multi-source connectivity as the driver of solar wind variability in the heli...Sérgio Sacani
The ambient solar wind that flls the heliosphere originates from multiple
sources in the solar corona and is highly structured. It is often described
as high-speed, relatively homogeneous, plasma streams from coronal
holes and slow-speed, highly variable, streams whose source regions are
under debate. A key goal of ESA/NASA’s Solar Orbiter mission is to identify
solar wind sources and understand what drives the complexity seen in the
heliosphere. By combining magnetic feld modelling and spectroscopic
techniques with high-resolution observations and measurements, we show
that the solar wind variability detected in situ by Solar Orbiter in March
2022 is driven by spatio-temporal changes in the magnetic connectivity to
multiple sources in the solar atmosphere. The magnetic feld footpoints
connected to the spacecraft moved from the boundaries of a coronal hole
to one active region (12961) and then across to another region (12957). This
is refected in the in situ measurements, which show the transition from fast
to highly Alfvénic then to slow solar wind that is disrupted by the arrival of
a coronal mass ejection. Our results describe solar wind variability at 0.5 au
but are applicable to near-Earth observatories.
Professional air quality monitoring systems provide immediate, on-site data for analysis, compliance, and decision-making.
Monitor common gases, weather parameters, particulates.
Nutraceutical market, scope and growth: Herbal drug technologyLokesh Patil
As consumer awareness of health and wellness rises, the nutraceutical market—which includes goods like functional meals, drinks, and dietary supplements that provide health advantages beyond basic nutrition—is growing significantly. As healthcare expenses rise, the population ages, and people want natural and preventative health solutions more and more, this industry is increasing quickly. Further driving market expansion are product formulation innovations and the use of cutting-edge technology for customized nutrition. With its worldwide reach, the nutraceutical industry is expected to keep growing and provide significant chances for research and investment in a number of categories, including vitamins, minerals, probiotics, and herbal supplements.
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Sérgio Sacani
We characterize the earliest galaxy population in the JADES Origins Field (JOF), the deepest
imaging field observed with JWST. We make use of the ancillary Hubble optical images (5 filters
spanning 0.4−0.9µm) and novel JWST images with 14 filters spanning 0.8−5µm, including 7 mediumband filters, and reaching total exposure times of up to 46 hours per filter. We combine all our data
at > 2.3µm to construct an ultradeep image, reaching as deep as ≈ 31.4 AB mag in the stack and
30.3-31.0 AB mag (5σ, r = 0.1” circular aperture) in individual filters. We measure photometric
redshifts and use robust selection criteria to identify a sample of eight galaxy candidates at redshifts
z = 11.5 − 15. These objects show compact half-light radii of R1/2 ∼ 50 − 200pc, stellar masses of
M⋆ ∼ 107−108M⊙, and star-formation rates of SFR ∼ 0.1−1 M⊙ yr−1
. Our search finds no candidates
at 15 < z < 20, placing upper limits at these redshifts. We develop a forward modeling approach to
infer the properties of the evolving luminosity function without binning in redshift or luminosity that
marginalizes over the photometric redshift uncertainty of our candidate galaxies and incorporates the
impact of non-detections. We find a z = 12 luminosity function in good agreement with prior results,
and that the luminosity function normalization and UV luminosity density decline by a factor of ∼ 2.5
from z = 12 to z = 14. We discuss the possible implications of our results in the context of theoretical
models for evolution of the dark matter halo mass function.
This pdf is about the Schizophrenia.
For more details visit on YouTube; @SELF-EXPLANATORY;
https://www.youtube.com/channel/UCAiarMZDNhe1A3Rnpr_WkzA/videos
Thanks...!
Using Virtualization Technique to Increase Security and Reduce Energy Consumption in Cloud Computing
1. International Journal of Research in Computer Science
eISSN 2249-8265 Volume 4 Issue 2 (2014) pp. 25-30
www.ijorcs.org, A Unit of White Globe Publications
doi: 10.7815/ijorcs.42.2014.082
www.ijorcs.org
USING VIRTUALIZATION TECHNIQUE TO INCREASE
SECURITY AND REDUCE ENERGY CONSUMPTION IN
CLOUD COMPUTING
Hamid Banirostam1
, Alireza Hedayati2
, Ahmad Khadem Zadeh3
1
Department of Computer Engineering, Science and Research Branch Guilan, Islamic Azad University, Rasht,
IRAN
Email: h.banirostam@yahoo.com
2Department of Computer Engineering, Islamic Azad University, Central Tehran Branch, Tehran, IRAN
Email: hedayati@iauctb.ac.ir
3Research Institute Information & Communication Technology, Tehran, IRAN
Email: zadeh@itrc.ac.ir
Abstract: An approach has been presented in this
paper in order to generate a secure environment on
internet Based Virtual Computing platform and also to
reduce energy consumption in green cloud computing.
The proposed approach constantly checks the
accuracy of stored data by means of a central control
service inside the network environment and also
checks system security through isolating single virtual
machines using a common virtual environment. This
approach has been simulated on two types of Virtual
Machine Manager (VMM) Quick EMUlator (Qemu),
HVM (Hardware Virtual Machine) Xen and outputs of
the simulation in VMInsight show that when service is
getting singly used, the overhead of its performance
will be increased. As a secure system, the proposed
approach is able to recognize malicious behaviors and
assure service security by means of operational
integrity measurement. Moreover, the rate of system
efficiency has been evaluated according to the amount
of energy consumption on five applications
(Defragmentation, Compression, Linux Boot
Decompression and Kernel Boot). Therefore, this has
been resulted that to secure multi-tenant environment,
managers and supervisors should independently
install a security monitoring system for each Virtual
Machines (VMs) which will come up to have the
management heavy workload of. While the proposed
approach, can respond to all VM’s with just one
virtual machine as a supervisor.
Keywords: Green Cloud Computing, Multi- tenancy,
Virtualization, Data integrity.
I. INTRODUCTION
Cloud computing can be considered as the result of
natural development of virtualization technology so
that physical resources can be used optimally by
deployment cloud computing through virtualization
and applications under network with the least energy
and also by sharing resources within their
environment. In recent years, great amount of using
PCs has led us to face a significant energy loss
because the lack of usage in the most hours of the day.
Relying on virtualization, this possibility can be
provided to set various services on a single physical
machine which could result in optimizing energy and
minimizing machines' idle time [1].
Through the abilities of rapid expansion and
deploying common virtual resources, green cloud
processing will have a great impact on energy
reduction. One kind of developed cloud platforms is
internet Based Virtual Computing (iVIC) [2] which
enables users to generate a dynamic, ordered, and
scalable environment of VMs which is allowed to
have a rapid deployment of the operating system and
software under network through browser based
interface.
However it results in reduction of energy cost and
saving energy, it would also face issues such as
preventing malicious programs to enter VMs, the
possibility of using security systems under network
within virtual cloud environment, and applying
comprehensive measurement system of the
environment's current situation under critical
circumstances and several kinds of control systems not
to receipt unidentified individuals requests [3].
Continuing related work is studied in the second
section. Third section includes presenting mechanism
of the proposed approach and checks for data integrity
and after that, the results of the surveys and
2. 26 Hamid Banirostam, Alireza Hedayati, Ahmad Khadem Zadeh
www.ijorcs.org
simulations will be reviewed and ultimately
conclusions will be displayed.
II. RELATED WORK
Virtual Machines (VM) have been generated in the
midst of 1970s. VM is a logical process managed by
control program simulating hardware. In fact, VMs are
executing on a large computer in order to represent
sharing resources and isolation. Some of VM systems
such as VMware and Xen have been embedded in
large companies [4]. VMM simultaneously acquires
execution permission of a number of VMs and
resources transparent distribution among them and
isolation of VMs to prevent access to memory or disc
space. Operating system executed inside a VM is
traditionally considered as a guest operating system so
that running programs on this system is mentioned as
guest applications.
A. VM Monitoring
VM monitoring can be classified into two groups.
The first kind of VMM can be run directly on physical
hardware and there is no operating system on that.
Therefore, this VMM is completely responsible for
scheduling and allocating system resources among
VMs. ESX and Xen are both considered to be in this
group. The second kind of VMM is to be run as an
ordinary operating system which controls actual
hardware resources and is usually a host operating
system. Since host operating system has no knowledge
of the second kind VMM, it behaves just as any other
process within the system. GSX, VMware, UML, and
FAU machine are some in the second group of VMMs
[5]. Host operating system of this group is heavier
than the first group’s and it is also more prone for
security vulnerabilities. Therefore, the first kind VMM
is generally considered to be more secure than the
second kind [6].
B. VM Based Service Architecture
While having different features, VM based security
systems have common architecture. This has been
demonstrated in Figure 1 that security systems can be
noticed as a part of VM monitoring or getting
embedded within an assigned VM. Some security
systems also may run their components within the
guest operating system. Although components are
guests in the operating systems, they are often only
responsible to generate security system requests within
VMM or assigning a secure VM to implement the
policy. Security policies are rarely implemented inside
the guest operating system because of the risk of
security systems there. Security in VM based services
is based on this assumption that the Trusted
Computing Base (TCB) is also secured. In the first
kind, VM is to be the VM supervisor. Some of
services in VM are assigned to the secure VM as a
part of TCB [7].
Figure 1. Architecture cloud-based security services
C. Security Services
Honeypot: This security service has been recently
become a popular tool to recognize large scale attacks
on internet. Generally Honeypots are categorized in
two groups: low interaction and high interaction.
However low interaction Honeypot accepts network
messages but still they can give just a minimized
answer and the behavior of a high interaction [8].
Security: Three phases of secure isolation, confident
upload, and monitoring should be considered in secure
application software running environment. In fact, the
main motivation in secure isolation came up by the
advent of IBM VM/370 and VMM technology.
Through generating a number of VMs, VMM will
cause monitoring on independent operating systems
within the physical machines [8]. Yan Wen presented
isolation model based on the hardware abstract layer
called SVEE [9]. Flume system also was represented
at the University of MIT in order to control
information stream management and checking data
integrity [9]. "Confident upload" as the second phase
of security is in fact saving system integrity and
accuracy against the intrusion of malicious
applications which means assuring a software to be
non- malicious while it is uploading [10]. Finally, the
third phase is to be "Monitoring". Garfinkel has
represented some solutions to control accuracy by
presenting Honeypot system able to monitor VMM
[10].
Data accuracy: there are different approaches in
measuring data accuracy and different embedded
software in process environment such as Prima,
Tripwire, and IMA [11]. A secure system has to be
generated through isolation mechanism in order to
deploy applications and data in various presented
services. Inside a physical network, common methods
of isolation can perform filtering operation just like a
3. Using Virtualization Technique to Increase Security and Reduce Energy Consumption in Cloud Computing 27
www.ijorcs.org
firewall, so this can be mentioned as another challenge
in virtual networks path [12]. One of the solutions for
this challenge is Snort. Factually Snort is an Intrusion
Prevention System (IPS) able to analyse real time
traffic and sign in packs to the system on IP of
networks. This ability can contain analysis protocol,
searching for context (query), and adapting them to
detect various threats such as buffer overflow, hidden
port scan, CGI (Common Gateway Interface) attacks,
SMB (Server Message Blocker) attacks, and
fingerprinting operating system. But Snort mechanism
also meets some limitations such as high start-up cost
of the intrusion detection system, and confined
capability to measure network traffic which ends up in
some CPU cycles use [12].
D. Green Cloud Computing
Whereas, there has always been energy loss in idle
systems, energy consumption has been constantly
increasing in information centers. The amount of
usage in idle servers is almost two times more than
active ones. Considering this problem and also in
order to optimization, David Meisner et al. has
represented Powernap [13]. This solution provides
optimizing energy through making active system
migrate to idle system. Then in 2009, Francis and
Richardson represented a model for virtualization by
optimal use of energy [14]. IBM researchers also
minimized task volume in servers based on a policy to
turn on/off servers in particular conditions which
eventually led in minimizing energy consumption. A
solution will be proposed in this paper in order to
optimizing energy of implementing green cloud
computing also by virtualization.
III. THE PROPOSED APPROACH
Proposed approach of this paper has been
implemented on iVIC platform. The main capability of
this approach is VM resource management and
providing operation security on this platform. It can
make monitoring possible on running processes in
order to ensure service security for operational
accuracy measurement and preparing performance
reports. This monitoring would become possible by
VM Insight software which is a virtualization software
based on the process of security monitoring system. At
the beginning of execution in this approach, the
systems approach to information provides a backup
file of system's initiative situation. After that, all
monitoring operations including comparison of
system's initiative situation with its current situation
will be performed dynamically.
Within this dynamic comparison, invalid changes
which can lead to the lack of integrity will be
identified. Then intrusion detection in network and
also the network traffic will be dynamically checked
by Snort. In the proposed approach, authentication and
users' access method are recognized by a central
supervising section which has control policies. Within
the cloud multi-tenant shared environment, resource
storages should be also considered because of using
shared resource storages together with isolating users'
access method with different goals. This is assumed in
the proposed approach that VMs have been
dynamically established inside the system and after
verification, they would have access to the resources.
Figure 2 illustrates the proposed model action and
reaction against malicious intrusions.
Figure 2. The Proposed model against malicious intrusion
First in the proposed approach, a VM with various
goals enters virtual network and after that, it sends
different requests including receiving virtual resources
(hardware, software, storage, and etc.) to the system
supervisor. At first system supervisor temporarily
disconnects all entering VMs from the system to check
up entering machine’s behaviour. After that, it checks
machine’s characteristics to analyse its behaviour.
This results in distinguishing malicious machine
identification from non- malicious one. In order to
recognize attacks or detect malicious software which
might lead to accuracy violation of system integrity, a
new pattern of machine behaviour will enter the
system and will be compared to the patterns stored in
the system database from before. In fact, malicious
software has been already simulated on the noticed
system and also intrusion results have been evaluated
too. At last, if considering predefined patterns as
attack and intrusion to the network, the behaviour has
been recognized to be malicious, it will be
disconnected from the system and also as an invalid
4. 28 Hamid Banirostam, Alireza Hedayati, Ahmad Khadem Zadeh
www.ijorcs.org
identity, it will not get the permission of access to the
resources. But if it is recognized as a valid identity
then its characteristics will be registered within the
comprehensive information database relevant to the
virtual network system. This method will guarantee
system security through avoiding invalid identity and
on the other hand, since the operation of resource
assignment would be available to a valid identity only
by supervisor system confirming that, it will provide
isolation operation inside shared environment of cloud
resource storages.
- The Proposed Approach Algorithm
Since each various physical machine independently
manages several VMs, security of the environment in
accessing shared resources is the most important
priority in the storage of multi-tenant resource
environment. Proposed method securely manages
access to VMs shared resources through verifying user
identity and determining control policies.
- 12 steps of the Proposed Algorithm
1. VM (guest VM) entrance to the system which is
shared resources storage.
2. Sending request to system supervisor.
3. Start-up the operation of new VM identification
through comparing with the behaviours of
software already stored as malicious behaviour in
system bank.
4. Checking whether or not a new identity has been
recognized to be valid. If yes then go to line 5,
unless go to line 12.
5. Verifying new VM identity.
6. Determining control policies to limit the access to
common resource pool such as VM likely to Full,
Write, Read and Access.
7. Granting a certificate or VM authentication.
8. Allocating a physical machine to VM in order to
receive and run requested resources and also to
have remote access to resources.
9. Running scheduling mechanisms to allocate
resources and eliminate allocated resources
available to VM.
10. Releasing the resource after the task is finished.
11. If user requests for a new resource, go to line 8,
unless go to the next line.
12. End.
Behaviour patterns of recognized malicious
identities are stored in a file. Now, to achieve such
patterns in this paper, simulation has been performed
on two kinds of VM: Qemu and HVM Xen. Through
this simulation, some samples of malicious software
have been directly run within VM insight environment
and then results have been applied on the proposed
approach to detect and discover its behaviours. Results
of this software are demonstrated in Table 1.
Table 1. Behavior tracing and detection model
Trust Route
Bytes
Recei_ved
Bytes
Sent
CPU
Stat_us
Server or
applica_tion
No parent
recess
No parent
process
Yes /user/sbin/acpid 3 14343 0% acpid 1592 1593
Yes /user/sbin/Apache 0 0 0% Apach_e 1631 1632
Yes bin/login 177 18083 0% Login 1683 1752
No /user/bin/ ls 0 0 0% Is 1752 2845
According to Table 1, the proposed approach can
discover malicious software which cause violation of
system integrity through comparing network's sent or
received number of bytes.
Five established applications including
Compression, Defragmentation, Linux Boot,
Decompression and Kernel Boot in the environment
have been used to achieve evaluation results in order
to evaluate the amount of energy consumption in VM
insight hardware in Qemu and HVM Xen. Qemu
evaluation results are shown in Figure 3 and
VMInsight evaluation results together with HVM Xen
have been presented in Figure 4 by using the proposed
approach.
Considering the comparison between Figures 3 and
4, it can be perceived that when a service is being used
separately, the overhead of its performance grows
about 12%. So this can be concluded that the proposed
approach can be considered as a secure system able to
detect threatening behaviour too. After that, the results
of Figure 5 shows the amount of system efficiency
regarding to the amount of energy consumption by
simulating five applications of Defragmentation,
Compression, Linux Boot, Decompression and Kernel
Boot..
5. Using Virtualization Technique to Increase Security and Reduce Energy Consumption in Cloud Computing 29
www.ijorcs.org
Figure 3. Runtime Overhead of VM insight on Qemu
Figure 4. Runtime Overhead of VM insight on HVMXEN
Figure 5, in fact, is an energy comparison between
Qume VM physical machine and the proposed
approach. Considering this figure, it can be observed
that if each of three mentioned infrastructures is
applied singly and separately to run the applications,
the amount of e-consumption will be high because
using the proposed approach to secure the
environment and Qume will be followed by a
significant amount of overhead in energy and cost.
Factually to secure a multi-tenant environment,
managers and supervisors should install a supervision
security system independently for every VM which
leads to a heavy management workload. Furthermore,
because of extra energy consumption for each VM
monitoring system, the cost of energy consumption
and energy loss will be increased. Besides, installing
virtual secure monitoring on independent operating
systems of every physical machine will also increase
energy consumption significantly because each
physical machine is allowed to run 20 VM in average
while the proposed approach can response all VMs
only by one supervisor VM.
Figure 5. Energy consumed by different applications in
different machines
IV. CONCLUSIONS
In this paper, an approach was proposed on iVIC
platform. Performance of the proposed approach in
management of VM resources facilitates security of
performed operations on the platform. This approach
also examines noticed machine behavior and
distinguishes between identities of malicious and
non- malicious machines. This paper showed
simulations of two kinds of VMMs (Qume, and HVM
Xen) and according to the comparison between these
simulations, this was resulted that when a service is
singly used, its performance overhead grows about
12%. So this can be concluded that the proposed
approach can be considered as a secure system which
is also able to detect threatening behaviors. Moreover,
the rate of system efficiency was evaluated according
to the amount of energy consumption on five
applications including Compression, Defragmentation,
Linux Boot, Decompression and Kernel Boot. Results
of this paper showed that if each of three mentioned
infrastructures were applying separately, the amount
of energy consumption will be high because using the
proposed approach to secure the environment and
Qume will be followed by energy and cost overhead.
In fact, to secure a multi-tenant environment,
managers and supervisors should independently install
a security monitoring system for every VM which
leads to have a heavy management workload. Also
because of extra energy consumption for each VM
monitoring system, the cost of both energy
consumption and energy loss are to be increased while
the proposed approach is able to respond all VMs by
having only one VM supervisor.
6. 30 Hamid Banirostam, Alireza Hedayati, Ahmad Khadem Zadeh
www.ijorcs.org
V. REFERENCES
[1] Celesti Francesco, A., Villari, M.T and Puliafito, A.,
“Improving Virtual Machine Migration in Federated
Cloud Environments”, Second International Conference
on Evolving Internet, 20-25 September 2010., pp. 61-
67. doi: 10.1109/INTERNET.2010.20
[2] Chen, Y., Wo, T. and Li, J., “An efficient resource
management system for on-line virtual cluster
provision”, IEEE ICC, 2009 , pp.72–79. doi:
10.1109/CLOUD.2009.64
[3] Shwetha,B. and Balagoni,Y., “Secure Data Storage In
Cloud Computing”, International Journal of Research
in Computer Science, vol.1, 2011, pp.63-73. doi:
10.7815/ijorcs.11.2011.006
[4] Mateescu, G., Gentzsch , W.and J. Ribbens, C.,
“Hybrid computingwhere HPC meets grid and cloud
computing”, ELSEVIER FGCS, 2011, pp. 440–453.
doi: 10.1016/j.future.2010.11.003
[5] Zissis, D.and Lekkas,D., “Addressing cloud computing
security issues”, ELSEVIER FGCS, 2011, pp. 583-592.
doi: 10.1016/j.future.2010.12.006
[6] Li, J., Huai, J., Hu, C. and Zhu, Y., “A Secure
Collaboration Service for Dynamic Virtual
Organizations”, IS Elsevier, vol. 180, issue 17, 2010,
pp. 3086–3107. doi: 10.1016/j.ins.2010.05.014
[7] Ray, S. and De Sarkar, A., “Execution Analysis of
Load Balancing Algorithms in Cloud Computing
Environment”, IJCCSA, Vol.2, No.5, 2012, pp. 1-13.
[8] Suakanto, S., H.Supangkat, S. and Saragih, R,
“Performance Measurment of Cloud Computing
Services”, IJCCSA, Vol.2, No.2, 2012, pp. 9-20.
[9] M. Azab, A., Ning, P., C. Sezer, E. and Zhang, X,
“HIMA: a hypervisor based integrity measurement
agent”, IEEE Computer Society , 2009,pp. 461-470.
doi: 10.1109/ACSAC.2009.50
[10] Zhao, X., Borders, K. and Prakash, A., “Virtual
machine security system”, ACSE, 2009, pp. 339-365.
[11] Lombardi, F. and Di Pierto, R., (2009), “KvmSec: a
security extension for Linux kernel virtual machines”,
ACM SAC, March 8-12, pp. 2029-2034. doi:
10.1145/1529282.1529733
[12] Beloglazov, A. and Buyya, R., “Energy Efficient
Allocation of Virtual Machines in Cloud Data Centers",
IEEE/ACM ISCluster, 2009, pp. 557-578. doi:
10.1109/CCGRID.2010.45
[13] Meisner, D., T. Gold, B. and F. Wenisch, T.,
“PowerNap: eliminating server idle power”, ASPLOS
2009,7-11 March, pp. 205–216.
[14] Alam, M., “Cloud Algebra for Handling Unstructured
Data in Cloud Database Managements System”,
IJCCSA, Vol.2, 2012, pp. 35-42. doi:
10.1145/2393216.2393221
How to cite
Hamid Banirostam, Alireza Hedayati, Ahmad Khadem Zadeh, “Using Virtualization Technique to Increase Security
and Reduce Energy Consumption in Cloud Computing”. International Journal of Research in Computer Science, 4 (2):
pp. 25-30, March 2014. doi: 10.7815/ijorcs.42.2014.082