Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages, such as the utility computing model, the design is not flawless: it suffers from many known computer vulnerabilities and also introduces unique information confidentiality, integrity and availability risks due to its inherent design paradigm. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework of Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks by providing timely notifications about new intrusions to Cloud users' systems. To provide this ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
Toward Continuous Cybersecurity with Network Automation
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Go to www.esgjrconsultinginc.com
Network infrastructures have played an important part in most daily communications for business industries, social networking, government sectors, etc. Despite the advantages that came from such functionalities, security threats have become a daily struggle. One major security threat is hacking. Consequently, security experts and researchers have suggested possible security solutions such as Firewalls, Intrusion Detection Systems (IDS), Intrusion Detection and Prevention Systems (IDP) and Honeynet. Yet, none of these solutions have proven their ability to completely address hacking. The reason is that there is little research that examines the behavior of hackers. This paper formally and practically examines in detail the behavior of hackers and their targeted environments. Moreover, this paper formally examines the properties of one essential pre-hacking step called scanning and highlights its importance in developing hacking strategies. Also, it illustrates the properties of hacking that are common in most hacking strategies to assist security experts and researchers towards minimizing the risk of hacking.
Fundamentals of information systems security ( pdf drive ) chapter 1
This document discusses the growth of the internet and increased connectivity of devices beyond just computers. It notes that as internet usage has increased, issues of privacy, data security, and protecting sensitive information have become more important for both personal and business use. The document provides an overview of common security concepts and terms to help understand how to prevent cyberattacks and secure sensitive data. It also includes a table summarizing several high-profile data breaches between 2013-2015 at companies like Target, Anthem, and Sony Pictures that compromised personal and financial information for millions of customers.
Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection A... - Drjabez
This document describes a proposed approach for anomaly detection in intrusion detection systems using outlier detection. It begins with background on intrusion detection systems and issues with existing approaches. It then presents the proposed two-stage approach using outlier detection: 1) Training with large normal datasets in a distributed storage environment, and 2) Testing intrusion datasets to compute an error value compared to the trained model. If the error value exceeds a threshold, the test data is flagged as anomalous. Experimental results on network packet datasets demonstrate the approach can effectively identify anomalies.
1. Cyber Ethics and Cyber Crime
2. Security in Social Media & Risk of Child Internet
3. Social media in Schools and photo privacy
4. Risk of OSNs and Security, Privacy of Facebook
5. Risk and Security of Social Networking site Facebook and Twitter
6. Risk analysis of Government and Online Transaction
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations occur. Tremendous growth and usage of internet raises concerns about how to protect and communicate the digital information in a safe manner. Nowadays, hackers use different types of attacks for getting the valuable information. Many intrusion detection techniques, methods and algorithms help to detect these attacks. The main objective of this paper is to provide a complete study about the definition of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, challenges and applications.
Cyber Warfare is the current single greatest emerging threat to National Security. Network security has become an essential component of any computer network. As computer networks and systems become ever more fundamental to modern society, concerns about security have become increasingly important. There are a multitude of different applications, open source and proprietary, available for protection. For the system administrator, deciding on the most suitable format for their purpose requires knowledge of the available safety measures, their features and how they affect the quality of service, as well as the kind of data they will be allowing through unflagged. A majority of methods currently used to ensure the quality of a network's service are signature based. From this information, and details on the specifics of popular applications and their implementation methods, we have carried through the ideas, incorporating our own opinions, to formulate suggestions on how this could be done on a general level. The main objective was to design and develop an Intrusion Detection System. The minor objectives were to design a port scanner to determine potential threats and mitigation techniques to withstand these attacks, implement the system on a host, and run and test the designed IDS. In this project we set out to develop a Honey Pot IDS System. It would make it easy to listen on a range of ports and emulate a network protocol to track and identify any individuals trying to connect to your system. This IDS will use the following design approaches: event correlation, log analysis, alerting, and policy enforcement. Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs.
In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.
This document discusses information system security. It defines information system security as collecting activities to protect information systems and stored data. It outlines four components of an IT security policy framework: policies, standards, procedures, and guidelines. It also discusses vulnerabilities, threats, attacks, and trends in attacks. Vulnerabilities refer to weaknesses, while threats use tools and scripts to launch attacks like reconnaissance, access, denial of service, and viruses/Trojans. Common attacks trends include malware, phishing, ransomware, denial of service, man-in-the-middle, cryptojacking, SQL injection, and zero-day exploits.
This paper describes the concept of implementing the network vulnerability assessment process as a web service in Eucalyptus cloud. This paper is published in one of the international conferences. I implemented the mentioned concept during my M.E. thesis.
Mobile Ad hoc Networks (MANETs) are wireless networks consisting of mobile free nodes that can move anywhere at any time without the need for any fixed infrastructure or any centralized administration. In this category of networks, existing nodes must rely on each other to play the role of routers or switches instead of using central ones. The self-organized nature of such environments makes MANETs vulnerable to many security threats. As a result, providing security requirements in MANETs is one of the most interesting challenges in such a network. In this group of networks, the use of cryptographic solutions is one of the most interesting security issues. The importance of this scientific area in MANETs is greater considering that the mentioned schemes must be lightweight enough to be appropriate for resource-constrained platforms in such an environment. This paper has tried to represent the position of cryptographic issues in MANETs. Moreover, security issues in mobile Ad hoc networks, besides different classes of public key cryptosystems, have been introduced.
This document provides guidance for lawyers on data security issues and how to help clients meet data security standards. It discusses how lack of security knowledge is common among both personal and enterprise computer users. Various threats like viruses, worms, Trojans, bots, and spyware/adware are described. Examples of data security risks include loss of portable devices containing personal information, insecure home networks that employees access for work, and insecure disposal of physical documents and digital media. The document advises evaluating security controls and investing in tools to detect breaches and audit compliance.
This presentation delves into the many cybersecurity risks that plague the healthcare industry and how these risks can be mitigated with the help of security solutions that Seqrite offers.
IRJET- Local Security Enhancement and Intrusion Prevention in Android Dev... - IRJET Journal
This document proposes a local security enhancement and intrusion prevention system for Android devices. It summarizes existing host-based intrusion detection systems and behavior-based intrusion prevention systems for Android smartphones. The proposed system uses net flow based clustering to identify anomalies and correlates with host-based features to detect malware intrusions. The goal is to provide versatile security for Android smartphones by detecting a wide range of attacks, including denial of service attacks and probing. The system aims to detect new attacks as well.
Enhanced method for intrusion detection over kdd cup 99 dataset - ijctet
This document discusses an enhanced method for intrusion detection using the KDD Cup 99 dataset. It aims to improve the accuracy of the dataset by analyzing the contribution of different attack classes to metrics like true positive rate and precision. The study examines these evaluation metrics for an intrusion detection system to identify which attack classes most impact recall and precision. The goal is to help improve the quality of the KDD Cup 99 dataset to achieve higher accuracy with lower false positives.
Emerging Trends in Cyber Crime discusses the growing threat of cyber crimes both globally and in India. Some key points include:
- Cyber crimes are challenging to address due to the anonymity of perpetrators, involvement of multiple countries/networks, and lack of consistent global laws.
- India faces increasing challenges from the exponential growth of internet use and interconnected systems for business and government. Emerging technologies like UID and e-governance have cybersecurity implications.
- Recent cyber incidents in India involved the use of wireless networks and public WiFi systems to plan terrorist attacks. The 2008 Mumbai terrorist attacks also demonstrated terrorists' use of technology.
- Common cyber crimes include hacking, phishing, spamming,
Computer hacking and security - Social Responsibility of IT Professional by M... - Mark John Lado, MIT
Computer hacking and security - Social Responsibility of IT Professional by Mark John Lado and Franklin Lasdoce
*******
Technology is science or knowledge put into practical use to solve problems or invent useful tools. A computer is one example of technology: it is a programmable electronic device that accepts raw data as input and processes it with a set of instructions (a program) to produce the result as an output.
Technology is robust, and hacking is now common. There are two different types of hacking: ethical hacking and unethical hacking.
The same tools are used by both hackers and ethical hackers. The only difference is that hackers use tools to steal or destroy information, whereas ethical hackers use the same tools to safeguard systems from “hackers with malicious intent”. Ethical hacking is legal, and hacking is done with permission from the client.
Computer security is the protection of computer systems and networks from information disclosure, theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
************
At the end of this topic, you will be able to;
1. Tell the definition of Computer Hacking
2. Recognize the Ethical hacking and Unethical hacking
3. Illustrate what the penetration tester does
4. Summarize the top Skills Required for Cybersecurity Jobs
5. Define Computer Security
6. Recite the different types of Computer Security
7. Describe the importance of Computer Security
8. Summarize the objectives for computer security in any organization
9. Discover in securing your Computer from Unauthorized Access
10. Relate the 15 Best practices for Computer Security and Cyber Security
11. Recognize the Social Engineering and Cyber Attacks
The document discusses several cybersecurity threats facing the public sector, including data loss, insider threats, cyber espionage, phishing, and ransomware. It provides statistics on data breaches and security incidents affecting the public sector in areas like personal data compromised, compliance issues, and responsibility for incidents. The top 5 threats are identified as ransomware, insider threats, distributed denial of service attacks, cyber espionage, and phishing. Solutions from Seqrite that can help mitigate these threats include endpoint security, unified threat management, mobile device management, and data loss prevention.
Intelligent Network Surveillance Technology for APT Attack Detections - AM Publications, India
Recently, long-term, advanced cyber-attacks targeting a specific enterprise or organization have been occurring again. These attacks occur over a long period and bypass detection by security systems, unlike the existing attack pattern. For this reason, they create problems such as delayed real-time response and detection after damages have already been incurred. This paper introduces the design of technology that applies real-time network traffic monitoring to detect unknown functional cyber-attacks on the network. Specifically, the algorithm was verified and evaluated in terms of performance in an actual commercial environment. Cyber-attack detection performance is expected to be improved by enhancing the algorithm and processing large volumes of traffic.
Intrusion Detection System (IDS) is meant to be a software application which monitors the network or system activities and finds if any malicious operations take place. Tremendous growth and practice of internet raises concerns about how to protect and communicate the digital data in a safe manner. Nowadays, hackers use different types of attacks for getting the valuable information. Many intrusion detection techniques, methods and algorithms assist to identify these attacks. The main objective of this paper is to provide a complete study about the description of intrusion detection, history, life cycle, types of intrusion detection methods, types of attacks, different tools and techniques, research needs, tasks and applications.
Data Security Model Enhancement in Cloud Environment - ijsrd.com
With the rapid developments across the information technology usage of cloud infrastructure has increased a lot. There are lots of services offered by cloud where data storages occupies the primary stand when compared to rest of the services. Data security across the cloud is the main aspect to be considered while storing the data of any organization across a remote location. There are many parameters to be considered while providing security to cloud integrity, confidentiality and availability. There was ample research done in this context where there are many security models available for all the three aspects discussed. The main aim of the proposed system is to make the cloud data server available by blocking unwanted traffic with a firewall. OPNET simulation is done to evaluate the performance of the cloud data storage and the corresponding security issues. From the overall analysis of the results it is clear that blocking the unwanted web traffic over the cloud storage security has improved a lot in terms of traffic and packet managements.
Noise Analysis on Indoor Power Line Communication Channel - ijsrd.com
The power line communication technology is now considered a good alternative for implementing a communication network. Digital networks can be established using the same set of wires that is used to distribute the power signal through the power-line channel (PLC), because power line networks are an excellent infrastructure for broadband data transmission; however, various noises exist due to stochastic change in the network load impedance. This paper is an attempt to identify the different types of noise in the PLC channel and investigate the performance of the indoor channel of a PLC system. The noise seen in the power-line channel varies with frequency, time and from line to line. In this paper we classify the different types of noise, their characteristics and the process to remove them from the power line channel.
Design and Simulation of Radix-8 Booth Encoder Multiplier for Signed and Unsi... - ijsrd.com
This paper presents the design and simulation of signed-unsigned Radix-8 Booth Encoding multiplier. The Radix-8 Booth Encoder circuit generates n/3 the partial products in parallel. By extending sign bit of the operands and generating an additional partial product the signed of unsigned Radix-8 BE multiplier is obtained. The Carry Save Adder (CSA) tree and the final Carry Look ahead (CLA) adder are used to speed up the multiplier operation. Since signed and unsigned multiplication operation is performed by the same multiplier unit, the required hardware and the chip area reduce, and this in turn reduces power dissipation and cost of a system. The simulation is done through Verilog on the Xilinx 13.3 platform, which provides diversity in calculating the various parameters.
Comparison of Wavelet Watermarking Method With & without Estimator Approach - ijsrd.com
1. The document compares a wavelet watermarking method with and without an estimator approach for improving robustness against noise attacks.
2. Using an M-estimator at extraction improves imperceptibility and robustness by estimating and rejecting outlier pixels caused by noise.
3. Statistical analysis on watermarked images subjected to noise attacks shows the estimator approach reduces MSE and increases PSNR and correlation, indicating superior extraction quality compared to the standard wavelet method without estimator.
To Perform SIL And PIL Testing on Fast Dynamic System using Economical AVR Co... - ijsrd.com
This document describes using an economical AVR controller to perform software-in-the-loop (SIL) and processor-in-the-loop (PIL) testing on a fast dynamic system. It discusses using an Arduino board with an Atmega328 microcontroller to implement rapid control prototyping (RCP) methodology. The RCP process involves modeling a DC motor system in Simulink, designing a PI controller, and then performing SIL and PIL tests to verify the controller code functions as intended on the AVR hardware before implementation on the real system. The results show the PIL output is within acceptable limits of the SIL and model-in-the-loop simulations, demonstrating the feasibility of using low
This document discusses the need for a collaborative intrusion detection system (IDS) for cloud computing. It proposes a framework where IDSs in cloud computing regions would correlate alerts from multiple detectors and exchange knowledge with each other. This could help reduce the impact of large-scale coordinated attacks by providing timely notifications about new intrusions. The document reviews related work on cloud logging and forensic analysis, and describes an architecture for a collaborative IDS framework consisting of IDS managers, dispatchers, and elementary detectors that communicate via encrypted messages.
Simulation and Performance Analysis of Long Term Evolution (LTE) Cellular Net... - ijsrd.com
In the development, standardization and implementation of LTE Networks based on Orthogonal Freq. Division Multiple Access (OFDMA), simulations are necessary to test as well as optimize algorithms and procedures before real time establishment. This can be done by both Physical Layer (Link-Level) and Network (System-Level) context. This paper proposes Network Simulator 3 (NS-3) which is capable of evaluating the performance of the Downlink Shared Channel of LTE networks and comparing it with available MatLab based LTE System Level Simulator performance.
A Novel Management Framework for Policy Anomaly in Firewall - ijsrd.com
The advent of emerging technologies such as Web services, service-oriented architecture, and cloud computing has enabled us to perform business services more efficiently and effectively. However, we still suffer from unintended security leakages by unauthorized actions in business services. Firewalls are the most widely deployed security mechanism to ensure the security of private networks in most businesses and institutions. The effectiveness of security protection provided by a firewall mainly depends on the quality of policy configured in the firewall. Unfortunately, designing and managing firewall policies are often error-prone due to the complex nature of firewall configurations as well as the lack of systematic analysis mechanisms and tools. In this paper, we represent an innovative policy anomaly management framework for firewalls, adopting a rule-based segmentation technique to identify policy anomalies and derive effective anomaly resolutions. We also discuss a proof-of-concept implementation of a visualization-based firewall policy analysis tool called Firewall Anomaly Management Environment (FAME). In addition, we demonstrate how efficiently our approach can discover and resolve anomalies in firewall policies through rigorous experiments using Automatic rule generation technique.
Proactive Data Reporting of Wireless sensor Network using Wake Up Scheduling ... - ijsrd.com
In Wireless Sensor Network (WSNs), gather the data by using mobile sinks has become popular. Reduce the number of messages which is used for sink location broadcasting, efficient energy data forwarding, become accustomed to unknown earthly changes are achieved by a protocol which is projected by a SinkTrail. The forecast of mobile sinks’ location are done by using logical coordinate system. When sensor nodes don’t have any data to send, at that time they switch to sleep mode to save the energy and to increase the network lifetime. And due to this reason there is a chance of the involvement of nodes that are in sleeping state between the path sources to the mobile sink which is selected by the SinkTrail protocol. Before become the fully functional and process the information, these sleeping nodes can drop the some information. Due to this reason, it is vital to wake-up the sleeping nodes on the path earlier than the sender can start transferring of sensed data. In this paper, on-demand wake-up scheduling algorithm is projected which is used to activates sleeping node on the path before data delivery. Here, in this work the multi-hop communication in WSN also considers. By incorporating wake-up scheduling algorithm to perk up the dependability and improve the performance of on-demand data forwarding extends the SinkTrail solution in our work. This projected algorithm improves the quality of service of the network by dishonesty of data or reducing the loss due to sleeping nodes. The efficiency and the effectiveness projected solution are proved by the evaluation results.
Macromodel of High Speed Interconnect using Vector Fitting Algorithm - ijsrd.com
At high frequency efficient macromodeling of high speed interconnects is all time challenging task. We have presented systematic methodologies to generate rational function approximations of high-speed interconnects using vector fitting technique for any type of termination conditions and construct efficient multiport model, which is easily and directly compatible with circuit simulators.
Use of Linear Regression in Machine Learning for Ranking - ijsrd.com
This document discusses using linear regression for ranking purposes in machine learning. It presents regression as a supervised learning technique that can be used to predict a dependent variable from independent variables. The document explores building regression models with single and multiple ranking parameters to predict ranks. It provides examples of ranking depending on a single parameter like CGPA and on multiple parameters like education, degree percentage, and gate scores. The document also discusses procedures for selecting the best ranking parameters, including analyzing individual parameter models and using techniques like backward elimination for multiple parameter models.
DESIGN OPTIMIZATION AND VALIDATION THROUGH FE ANALYSIS OF PARALLEL MOTION FENDER - ijsrd.com
This document summarizes research on optimizing the design of parallel motion marine fenders. Parallel motion fenders consist of a fender panel supported by arms attached to a torsion tube. The current design fails due to stresses on the torque arm from ship impacts. The researchers modeled an existing parallel motion fender and analyzed stresses from ship impacts at different angles. They then modified the design by adding a gear mechanism to distribute loads and eliminate the torque arm. Analysis of the new design found stresses below allowable limits with a safety factor of 4.42, indicating the gear mechanism achieves the goal of optimizing the parallel motion fender design.
Gesture Recognition using Wireless Signal - ijsrd.com
This document describes a novel gesture recognition system called WiSee that uses wireless signals like Wi-Fi to enable whole-home gesture recognition without requiring instrumentation of the human body or deployment of cameras. It works by detecting very small Doppler shifts (a few Hertz) in the wireless signals caused by human motion. It addresses challenges like extracting these minute Doppler shifts from wideband Wi-Fi signals, dealing with multiple people in the environment using MIMO capabilities, and classifying nine different whole-body gestures based on the unique Doppler patterns. The system could enable applications in home automation, healthcare, and gaming by recognizing gestures anywhere in the home using only a few wireless access points.
Implementation and Performance Analysis of a Vedic Multiplier Using Tanner ED... - ijsrd.com
High density VLSI chips have led to rapid and innovative development in low power design during recent years. The need for low power design is becoming a major issue in high performance digital systems such as microprocessors, digital signal processors and other applications. For these applications, the multiplier is the major core block. Based on the multiplier design, an efficient processor is designed. A power and area efficient multiplier using CMOS logic circuits for applications in various digital signal processors is designed. This multiplier is implemented using Vedic multiplication algorithms, mainly the "UrdhvaTriyakBhyam sutra", which is the most generalized Vedic multiplication algorithm [1]. A multiplier is a very important element in almost all processors and contributes substantially to the total power consumption of the system. The novel point is the efficient use of Vedic algorithms (sutras) that reduces the number of computational steps considerably compared with any conventional method. The schematic for this multiplier is designed using TANNER TOOL. The paper presents a systematic design methodology for this improved performance digital multiplier based on Vedic mathematics.
Service Clouds are a key emerging feature of the Future Internet which will provide a basic platform through which it executes virtualized services. To operate cloud services effectively, there is a need for a monitoring system which provides data on the actual usage and changes in the resources of the cloud and the services running in the cloud. Monitoring and managing a cloud is very different from monitoring and managing individual servers. This paper will detail the different aspects of monitoring and the parameters involved in monitoring cloud services.
Cloud computing challenges and solutions (IJCNCJournal)
Cloud computing is an emerging area of computer technology that benefits from the processing power and the computing resources of many connected, geographically distanced computers connected via the Internet. Cloud computing eliminates the need for a complete infrastructure of hardware and software to meet users' requirements and applications. It can be thought of as a complete or a partial outsourcing of hardware and software resources. To access cloud applications, a good Internet connection and a standard Internet browser are required. Cloud computing has its own drawbacks from the security point of view; this paper aims to address most of these threats and their possible solutions.
1) The document discusses security issues in cloud computing, with a focus on vulnerabilities in the virtualization layer.
2) It proposes a secure model (SVM) using intrusion detection systems to monitor virtual machines and detect attacks. This would help virtual machines resist attacks more efficiently in cloud environments.
3) Some key virtualization vulnerabilities discussed include attacks on hypervisors, compromised isolation between virtual machines, and packet sniffing/spoofing in virtual networks. The proposed SVM model aims to address these issues and secure the virtualization layer in cloud infrastructure.
Prevention of Vulnerable Virtual Machines against DDOS.pptx (NoorFathima60)
The document describes the NICE model for preventing vulnerable virtual machines from DDoS attacks in the cloud. The NICE model uses a network-based intrusion detection system agent in each cloud server to monitor traffic between virtual machines. It profiles virtual machines to gather configuration details and detects attacks by constructing scenario attack graphs. When attacks are detected, the network controller can reconfigure the virtual network to mitigate the attacks.
This document summarizes a research paper that proposed and evaluated methods for mitigating denial of service (DoS) and distributed denial of service (DDoS) attacks on virtual machines. The paper implemented iptables connection limits on the host machine to prevent excessive connections from attacking IPs. It also tuned network performance by adjusting the receiving window size to maximize bandwidth utilization. The experimental results showed that the iptables security measures protected against DoS/DDoS attacks while window scaling optimization improved network performance during attacks.
Secure intrusion detection and countermeasure selection in virtual system usi... (eSAT Publishing House)
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Iaetsd cloud computing and security challenges (Iaetsd Iaetsd)
This document summarizes security challenges in cloud computing. It discusses how the distributed nature of cloud computing introduces security risks to confidential data and resources. It outlines several types of security threats like data breaches, malware injection, and network attacks. It also examines security requirements like confidentiality, integrity, and authentication. Finally, the document notes challenges like ensuring security, managing resources, and maintaining performance and interoperability remain open issues for cloud computing.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
For cloud computing to be adopted by users and enterprises, the security concerns of users should be rectified by making the cloud environment trustworthy, as discussed by Latif et al. in the assessment of cloud computing risks [2].
We address the questions related to:
(1) security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users' safety in convergence with energy consumption.
Single Sign-on Authentication Model for Cloud Computing using Kerberos (Deepak Bagga)
ABSTRACT
In today's organizations, the need for several new resources and storage for terabytes of data is generated every day. Cloud computing provides a solution for this in a cost effective and efficient manner. Cloud computing provides on-demand resources as services to clients. The cloud is highly scalable and flexible. Although it benefits clients in several ways, because data is stored remotely it has many security loopholes such as attacks, data loss, and other security and authentication issues. In this paper we propose an authentication model for cloud computing based on the Kerberos protocol to provide single sign-on and to protect against DDOS attacks. This model can help by filtering out unauthorized access and by reducing the burden, computation and memory usage of the cloud for authentication checks for each client. It acts as a third party between cloud servers and clients to allow secure access to cloud services. In this paper we review some of the related work on cloud security issues and attacks. In the next section we discuss the proposed architecture, its working and the sequential process of message transmission. Next we show how it can protect against DDOS attacks, some benefits and how it provides single sign-on.
Challenges and Mechanisms for Securing Data in Mobile Cloud Computing (ijcnes)
Cloud computing enables users to utilize the services of computing resources. Nowadays, computing resources in mobile applications are being delivered with cloud computing. As there is a growing need for new mobile applications, usage of cloud computing cannot be overlooked. Cloud service providers offer services for data requests on a remote server. The virtualization aspect of cloud computing in mobile applications facilitates better utilization of resources. The industry needs to address the foremost security risk in the underlying technology. The cloud computing environment in mobile applications is aggravated by various security problems. This paper addresses challenges in securing data in the cloud for mobile cloud computing and a few mechanisms to overcome them.
FIRECOL: A COLLABORATIVE PROTECTION NETWORK FOR THE DETECTION OF FLOODING DDO... (Deenuji Loganathan)
The document describes FireCol, a system for detecting distributed denial-of-service (DDoS) flooding attacks. The core of FireCol is composed of intrusion prevention systems (IPSs) located at internet service providers that form virtual protection rings around hosts. The IPSs collaborate by exchanging selected traffic information to detect DDoS attacks early. FireCol was evaluated using simulations and real data, showing its effectiveness with low overhead and support for incremental deployment.
Cloud computing makes it possible to establish applications on on-demand infrastructures rather than building applications on fixed and rigid infrastructures. By merely tapping into the cloud, initiatives can gain fast access to business applications or infrastructure resources with decreased Capital Expenditure (CAPEX). As more and more information is placed into the cloud by individuals and initiatives, security issues begin to develop and be raised. This paper discusses the different security issues that arise about how secure the mobile cloud computing environment is.
Secure hash based distributed framework for utpc based cloud authorization (IAEME Publication)
This document summarizes a research paper that proposes a secure distributed framework for cloud authorization using unit transaction permission coins (UTPCs). The framework uses hash functions like SHA and MD5 to generate unique UTPCs on Android smartphones based on device identifiers. These UTPCs are used for user authentication to access cloud services. The framework aims to provide lightweight and compatible security for real-time cloud applications. It discusses security challenges with cloud computing and sensor networks, and proposes generating UTPCs through a nested hashing process as a security token for cloud user authorization.
Secure hash based distributed framework for utpc based cloud authorization (IAEME Publication)
This document discusses secure authorization for cloud computing using smartphones. It proposes a distributed framework that uses a Unit Transaction Permission Coin (UTPC) as a security token for cloud user authorization. The UTPC is generated using a hash function like SHA or MD5, making it difficult for intruders to break. The framework registers and authenticates trusted smartphone devices using their IMEI and IMSI identifiers in an untrusted computing environment. The resulting UTPC-based authorization method is lightweight and compatible with real-time cloud applications.
Encountering distributed denial of service attack utilizing federated softwar... (IJECEIAES)
This research defines the distributed denial of service (DDoS) problem in software-defined network (SDN) environments. The proposed solution uses software-defined network capabilities to reduce risk and introduces a collaborative, distributed defense mechanism rather than server-side filtration. Our proposed network detection and prevention agent (NDPA) algorithm negotiates the maximum amount of traffic allowed to be passed to the server by reconfiguring network switches and routers to reduce the ports' throughput of the network devices by the specified limit ratio. When the passed traffic is back to normal, NDPA starts network recovery to normal throughput levels, increasing ports' throughput by adding back the limit ratio gradually each time cycle. The simulation results showed that the proposed algorithms successfully detected and prevented a DDoS attack from overwhelming the targeted server. The server was able to coordinate its operations with the SDN controllers through a communication mechanism created specifically for this purpose. The system was also able to determine when the attack was over and utilize traffic engineering to improve the quality of service (QoS). The solution was designed in a sophisticated way with a high level of separation of duties between components so it would not be affected by the design aspect of the network architecture.
DDOS DETECTION IN SOFTWARE-DEFINED NETWORK (SDN) USING MACHINE LEARNING (IJCI JOURNAL)
In recent years, the concept of cloud computing and the software-defined network (SDN) have spread widely. The services provided by many sectors such as medicine, education, banking, and transportation are being replaced gradually with cloud-based applications. Consequently, the availability of these services is critical. However, the cloud infrastructure and services are vulnerable to attackers who aim to breach their availability. One of the major threats to any system's availability is a Denial-of-Service (DoS) attack, which is intended to deny legitimate users access to cloud resources. The Distributed Denial-of-Service (DDoS) attack is a type of DoS attack which is considerably more effective and dangerous. A lot of effort has been made by the research community to detect DDoS attacks; however, there is still a need for further efforts in this germane field. In this paper, machine learning techniques are utilized to build a model that can detect DDoS attacks in Software-Defined Networks (SDN). The ML algorithms used have shown high performance in the earliest studies; hence they have been used in this study along with a feature selection technique. Therefore, our model utilized these algorithms to detect DDoS attacks in network traffic. The outcome of this experiment shows the impact of feature selection in improving the model performance. Eventually, the Random Forest classifier achieved the highest accuracy of 0.99 in detecting DDoS attacks.
Cloud Computing Using Encryption and Intrusion Detection (ijsrd.com)
Cloud computing provides many benefits to users, such as accessibility and availability. As the data is available over the cloud, it can be accessed by different users. There may be sensitive data of the organization. One issue is to provide access to authenticated users only. But the data can be accessed by the owner of the cloud. So, to prevent data from being accessed by the cloud owner, we will use the intrusion detection system to provide security to the data. The other issue is to save the data backup in another cloud in encrypted form so that load balancing can be done. This will help the user with data availability in case of failure of one cloud.
DDoS Attack Detection on Internet of Things using Unsupervised Algorithms (ijfls)
The increase in the deployment of IoT networks has improved productivity of humans and organisations. However, IoT networks are increasingly becoming platforms for launching DDoS attacks due to inherent weaker security and resource-constrained nature of IoT devices. This paper focusses on detecting DDoS attack in IoT networks by classifying incoming network packets on the transport layer as either “Suspicious” or “Benign” using unsupervised machine learning algorithms. In this work, two deep learning algorithms and two clustering algorithms were independently trained for mitigating DDoS attacks. We lay emphasis on exploitation based DDOS attacks which include TCP SYN-Flood attacks and UDP-Lag attacks. We use Mirai, BASHLITE and CICDDoS2019 dataset in training the algorithms during the experimentation phase. The accuracy score and normalized-mutual-information score are used to quantify the classification performance of the four algorithms. Our results show that the autoencoder performed overall best with the highest accuracy across all the datasets.
This document discusses security issues in grid computing and proposes an enhanced amalgam encryption approach. It begins with an overview of distributed, cloud, and grid computing. Grid computing involves coordinating shared resources across distributed, heterogeneous environments. Major security issues in grid computing include integration with existing security systems, interoperability across domains, and establishing trust relationships. The document then discusses cryptography approaches used to provide security, including symmetric and asymmetric encryption. It proposes a hybrid encryption solution combining AES and RC4 algorithms to address overhead limitations of previous approaches for large distributed networks like smart grids.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI... (IJNSA Journal)
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased; attackers continuously find vulnerabilities at various levels, from the network itself to operating systems and applications, and exploit them to crack systems and services. Network defence and network monitoring have become an essential component of computer security to predict and prevent attacks. Unlike a traditional Intrusion Detection System (IDS), an Intrusion Detection and Prevention System (IDPS) has additional features to secure computer networks.
In this paper, we present a detailed study of how the deployment of an IDPS plays a key role in its performance and its ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as network-based, host-based, perimeter-based and hybrid. A detailed comparison is shown in this paper, and finally we justify our proposed solution, which deploys agents at host level to give better performance in terms of a reduced rate of false positives and accurate detection and prevention.
Similar to A Collaborative Intrusion Detection System for Cloud Computing (20)
Due to the availability of the internet and the evolution of embedded devices, the Internet of Things can contribute to the energy domain. The Internet of Things (IoT) will deliver a smarter grid to enable more information and connectivity throughout the infrastructure and to homes. Through the IoT, consumers, manufacturers and utility providers will come across new ways to manage devices and ultimately conserve resources and save money by using smart meters, home gateways, smart plugs and connected appliances. In the future smart home, various devices will be able to measure and share their energy consumption, and actively participate in house-wide or building-wide energy management systems. This paper discusses the different approaches being taken worldwide to connect the smart grid. Full system solutions can be developed by combining hardware and software to address some of the challenges in building a smarter and more connected smart grid.
A Survey Report on: Security & Challenges in Internet of Things (ijsrd.com)
In the era of computing technology, Internet of Things (IoT) devices are now popular in each and every domain, like e-governance, e-Health, e-Home, e-Commerce, and e-Trafficking. IoT is spreading from small to large applications in all fields, like Smart Cities, Smart Grids and Smart Transportation. On one side, IoT provides facilities and services for society. On the other hand, IoT security is also a crucial issue. IoT security is an area concerned with giving security to connected devices and networks in the IoT. IoT is a vast area with usability, performance, security, and reliability as major challenges. The growth of the IoT is increasing exponentially, driven by market pressures, which proportionally increases the security threats involved in IoT. The relationship between security and the billions of devices connecting to the Internet cannot be described with existing mathematical methods. In this paper, we explore the opportunities possible in the IoT along with the security threats and challenges associated with it.
In today's emerging world of the Internet, each and every thing is supposed to be in connected mode with the help of billions of smart devices. Connecting all the devices used in our day-to-day life makes our life trouble-free and easy. We live in a world where we are used to having smart phones, smart cars, smart gadgets, smart homes and smart cities. Different institutes and researchers are working on creating a smart world for us, but the real question which we need to emphasize is how to make dumb devices talk with uncommon hardware and communication technology, and, for the same, what kind of mechanism to use with various protocols and less human interaction. The purpose is to provide the key areas for application of IoT and a platform on which various devices having different mechanisms and protocols can communicate with an integrated architecture.
Study on Issues in Managing and Protecting Data of IOT (ijsrd.com)
This paper discusses a variety of issues in preserving and managing data produced by IoT. Every second, a large amount of data is added or updated in IoT databases across the heterogeneous environment. While managing the data, each phase of data processing for IoT data is exigent, like storing data, querying, indexing, transaction management and failure handling. We also refer to the problem of data integration and protection, as data needs to fit in a single layout and travel securely as it arrives in the pool from diversified sources in different structures. Finally, we confer a standardized pathway to manage and defend data in a consistent manner.
Interactive Technologies for Improving Quality of Education to Build Collabor... (ijsrd.com)
Today with advancement in Information Communication Technology (ICT) the way the education is being delivered is seeing a paradigm shift from boring classroom lectures to interactive applications such as 2-D and 3-D learning content, animations, live videos, response systems, interactive panels, education games, virtual laboratories and collaborative research (data gathering and analysis) etc. Engineering is emerging with more innovative solutions in the field of education and bringing out their innovative products to improve education delivery. The academic institutes which were once hesitant to use such technology are now looking forward to such innovations. They are adopting the new ways as they are realizing the vast benefits of using such methods and technology. The benefits are better comprehensibility, improved learning efficiency of students, and access to vast knowledge resources, geographical reach, quick feedback, accountability and quality research. This paper focuses on how engineering can leverage the latest technology and build a collaborative learning environment which can then be integrated with the national e-learning grid.
Internet of Things - Paradigm Shift of Future Internet Application for Specia... (ijsrd.com)
In the world more than 15% people are living with disability that also include children below age of 10 years. Due to lack of independent support services specially abled (handicap) people overly rely on other people for their basic needs, that excludes them from being financially and socially active. The Internet of Things (IoT) can give support system and a better quality of life as well as participation in routine and day to day life. For this purpose, the future solutions for current problems has been introduced in this paper. Daunting challenges have been considered as future research and glimpse of the IoT for specially abled person is given in the paper.
A Study of the Adverse Effects of IoT on Student's Life (ijsrd.com)
The Internet of Things (IoT) is the most powerful invention and, if used in the positive direction, the internet can prove to be very productive. But nowadays, due to social networking sites such as Facebook, WhatsApp, Twitter, Hike etc., the internet is producing adverse effects on student life, especially for students studying at college level. As it is rightly said, something which has some positive effects also has some negative effects on the other hand. In this article, we discuss some adverse effects of IoT on students' lives.
Pedagogy for Effective use of ICT in English Language Learning (ijsrd.com)
The use of information and communications technology (ICT) in education is a relatively new phenomenon and it has been the educational researchers' focus of attention for more than two decades. Educators and researchers examine the challenges of using ICT and think of new ways to integrate ICT into the curriculum. However, there are some barriers for the teachers that prevent them to use ICT in the classroom and develop supporting materials through ICT. The purpose of this study is to examine the high school English teachers’ perceptions of the factors discouraging teachers to use ICT in the classroom.
In recent years, the usage of private vehicles has made urban traffic more and more crowded. As a result, traffic has become one of the important problems in big cities all over the world. Some of the traffic concerns are traffic jams and accidents, which have caused a huge waste of time, more fuel consumption and more pollution. Time is a very important parameter in routine life. The main problem faced by people is real-time routing. Our solution, Virtual Eye, will provide current updates as in the real-time scenario of the specific route. This research paper presents a smart traffic navigation system, based on the Internet of Things, which is featured by low cost, high compatibility and ease of upgrade, to replace the traditional traffic management system; the proposed system can improve road traffic tremendously.
Ontological Model of Educational Programs in Computer Science (Bachelor and M... (ijsrd.com)
In this work there is illustrated an ontological model of educational programs in computer science for bachelor and master degrees in Computer science and for master educational program “Computer science as second competence” by Tempus project PROMIS.
Understanding IoT Management for Smart Refrigerator (ijsrd.com)
1) The document discusses a proposed design for an intelligent refrigerator that leverages sensor technology and wireless communication to identify food items and order more through an internet connection when supplies are low.
2) Key aspects of the proposal include using RFID to uniquely identify each food item, storing item and usage data in an XML database, monitoring usage patterns to determine reordering needs, and executing orders through an online retailer using stored payment details.
3) Security and privacy concerns with such an internet-connected refrigerator are discussed, such as potential hacking of personal information or unauthorized device control. The proposal aims to minimize human interaction for household management.
DESIGN AND ANALYSIS OF DOUBLE WISHBONE SUSPENSION SYSTEM USING FINITE ELEMENT... (ijsrd.com)
Double wishbone designs allow the engineer to carefully control the motion of the wheel throughout suspension travel. 3-D model of the Lower Wishbone Arm is prepared by using CAD software for modal and stress analysis. The forces and moments are used as the boundary conditions for finite element model of the wishbone arm. By using these boundary conditions static analysis is carried out. Then making the load as a function of time; quasi-static analysis of the wishbone arm is carried out. A finite element based optimization is used to optimize the design of lower wishbone arm. Topology optimization and material optimization techniques are used to optimize lower wishbone arm design.
A Review: Microwave Energy for materials processing (ijsrd.com)
Microwave energy is a recent, rapidly growing technique for material processing. This paper presents a review of microwave technologies used for material processing and their use in industrial applications. Advantages of using microwave energy for processing material include rapid heating, high heating efficiency, heating uniformity and clean energy. Microwave heating has various characteristics due to which it has become popular for heating in applications from low temperature to high temperature. In recent years this novel technique has been successfully utilized for the processing of metallic materials. Many researchers have reported microwave energy for sintering, joining and cladding of metallic materials. The aim of this paper is to show the use of microwave energy not only for non-metallic materials but also for metallic materials. The ability to process metals with microwaves could assist in the manufacturing of high performance metal parts desired in many industries, for example in the automotive and aeronautical industries.
Web Usage Mining: A Survey on User's Navigation Pattern from Web Logs (ijsrd.com)
With the exponential growth of the World Wide Web, there is so much information overload that it has become hard to find data according to need. Web usage mining is a part of web mining which deals with automatic discovery of user navigation patterns from web logs. This paper presents an overview of web mining and also provides navigation patterns from classification and clustering algorithms for web usage mining. Web usage mining contains three important tasks, namely data preprocessing, pattern discovery and pattern analysis based on discovered patterns. It also contains a comparative study of web mining techniques.
APPLICATION OF STATCOM to IMPROVED DYNAMIC PERFORMANCE OF POWER SYSTEM (ijsrd.com)
The application of a FACTS controller called the Static Synchronous Compensator (STATCOM) to improve the performance of a power grid with wind farms is investigated. The essential feature of the STATCOM is that it has the ability to quickly absorb or inject reactive power with the power grid. Therefore, voltage regulation of the power grid with the STATCOM FACTS device is achieved. Moreover, restoring the stability of a power system having a wind farm after a severe disturbance, such as faults or wind farm mechanical power variation, is obtained with the STATCOM controller. The dynamic model of the power system having a wind farm controlled by the proposed STATCOM is developed. To validate the power of the STATCOM FACTS controller, the studied power system is simulated and subjected to different severe disturbances. The results prove the effectiveness of the proposed STATCOM controller in terms of fast damping of the power system oscillations and restoring the power system stability.
Making model of dual axis solar tracking with Maximum Power Point Tracking (ijsrd.com)
Nowadays solar harvesting is more popular. As its popularity grows, material quality and solar tracking methods are improving. There are several factors affecting the solar system. The major influences are the solar cell, the intensity of source radiation and storage techniques. The materials used in solar cell manufacturing limit the efficiency of the solar cell. This makes it particularly difficult to make considerable improvements in the performance of the cell, and hence restricts the efficiency of the overall collection process. Therefore, the most attainable maximum power point tracking method of improving the performance of solar power collection is to increase the mean intensity of radiation received from the source used. The purpose of the tracking system is to control the elevation and orientation angles of solar panels such that the panels always remain perpendicular to the sunlight. The measured variables of our automatic system were compared with those of a fixed angle PV system. As a result of the experiment, the voltage generated by the proposed tracking system is overall about 28.11% more than the fixed angle PV system. There are three major approaches for maximizing power extraction in medium and large scale systems. They are sun tracking, maximum power point (MPP) tracking or both.
A REVIEW PAPER ON PERFORMANCE AND EMISSION TEST OF 4 STROKE DIESEL ENGINE USI...ijsrd.com
This document summarizes a review paper on performance and emission testing of a 4-stroke diesel engine using ethanol-diesel blends at different pressures. The paper reviews several previous studies that tested blends of 5-30% ethanol mixed with diesel fuel. The studies found that a 10-20% ethanol blend can improve brake thermal efficiency compared to pure diesel, while also reducing emissions like NOx and smoke. Higher ethanol blends required advancing the injection timing to allow the engine to run. Ethanol-diesel blends were found to have lower density, viscosity, pour point and higher flash point compared to pure diesel. Overall, ethanol shows potential as a renewable fuel to improve engine performance and reduce emissions when blended with diesel
Study and Review on Various Current Comparatorsijsrd.com
This paper presents study and review on various current comparators. It also describes low voltage current comparator using flipped voltage follower (FVF) to obtain the single supply voltage. This circuit has short propagation delay and occupies a small chip area as compare to other current comparators. The results of this circuit has obtained using PSpice simulator for 0.18 μm CMOS technology and a comparison has been performed with its non FVF counterpart to contrast its effectiveness, simplicity, compactness and low power consumption.
Reducing Silicon Real Estate and Switching Activity Using Low Power Test Patt...ijsrd.com
Power dissipation is a challenging problem for today's system-on-chip design and test. This paper presents a novel architecture which generates the test patterns with reduced switching activities; it has the advantage of low test power and low hardware overhead. The proposed LP-TPG (test pattern generator) structure consists of modified low power linear feedback shift register (LP-LFSR), m-bit counter, gray counter, NOR-gate structure and XOR-array. The seed generated from LP-LFSR is EXCLUSIVE-OR ed with the data generated from gray code generator. The XOR result of the sequence is single input changing (SIC) sequence, in turn reduces the switching activity and so power dissipation will be very less. The proposed architecture is simulated using Modelsim and synthesized using Xilinx ISE9.2.The Xilinx chip scope tool will be used to test the logic running on FPGA.
Defending Reactive Jammers in WSN using a Trigger Identification Service.ijsrd.com
In the last decade, the greatest threat to the wireless sensor network has been Reactive Jamming Attack because it is difficult to be disclosed and defend as well as due to its mass destruction to legitimate sensor communications. As discussed above about the Reactive Jammers Nodes, a new scheme to deactivate them efficiently is by identifying all trigger nodes, where transmissions invoke the jammer nodes, which has been proposed and developed. Due to this identification mechanism, many existing reactive jamming defending schemes can be benefited. This Trigger Identification can also work as an application layer .In this paper, on one side we provide the several optimization problems to provide complete trigger identification service framework for unreliable wireless sensor networks and on the other side we also provide an improved algorithm with regard to two sophisticated jamming models, in order to enhance its robustness for various network scenarios.
An Internet Protocol address (IP address) is a logical numeric address that is assigned to every single computer, printer, switch, router, tablets, smartphones or any other device that is part of a TCP/IP-based network.
Types of IP address-
Dynamic means "constantly changing “ .dynamic IP addresses aren't more powerful, but they can change.
Static means staying the same. Static. Stand. Stable. Yes, static IP addresses don't change.
Most IP addresses assigned today by Internet Service Providers are dynamic IP addresses. It's more cost effective for the ISP and you.
Software Engineering and Project Management - Introduction to Project ManagementPrakhyath Rai
Introduction to Project Management: Introduction, Project and Importance of Project Management, Contract Management, Activities Covered by Software Project Management, Plans, Methods and Methodologies, some ways of categorizing Software Projects, Stakeholders, Setting Objectives, Business Case, Project Success and Failure, Management and Management Control, Project Management life cycle, Traditional versus Modern Project Management Practices.
Social media management system project report.pdfKamal Acharya
The project "Social Media Platform in Object-Oriented Modeling" aims to design
and model a robust and scalable social media platform using object-oriented
modeling principles. In the age of digital communication, social media platforms
have become indispensable for connecting people, sharing content, and fostering
online communities. However, their complex nature requires meticulous planning
and organization.This project addresses the challenge of creating a feature-rich and
user-friendly social media platform by applying key object-oriented modeling
concepts. It entails the identification and definition of essential objects such as
"User," "Post," "Comment," and "Notification," each encapsulating specific
attributes and behaviors. Relationships between these objects, such as friendships,
content interactions, and notifications, are meticulously established.The project
emphasizes encapsulation to maintain data integrity, inheritance for shared behaviors
among objects, and polymorphism for flexible content handling. Use case diagrams
depict user interactions, while sequence diagrams showcase the flow of interactions
during critical scenarios. Class diagrams provide an overarching view of the system's
architecture, including classes, attributes, and methods .By undertaking this project,
we aim to create a modular, maintainable, and user-centric social media platform that
adheres to best practices in object-oriented modeling. Such a platform will offer users
a seamless and secure online social experience while facilitating future enhancements
and adaptability to changing user needs.
OCS Training Institute is pleased to co-operate with
a Global provider of Rig Inspection/Audits,
Commission-ing, Compliance & Acceptance as well as
& Engineering for Offshore Drilling Rigs, to deliver
Drilling Rig Inspec-tion Workshops (RIW) which
teaches the inspection & maintenance procedures
required to ensure equipment integrity. Candidates
learn to implement the relevant standards &
understand industry requirements so that they can
verify the condition of a rig’s equipment & improve
safety, thus reducing the number of accidents and
protecting the asset.
Development of Chatbot Using AI/ML Technologiesmaisnampibarel
The rapid advancements in artificial intelligence and natural language processing have significantly transformed human-computer interactions. This thesis presents the design, development, and evaluation of an intelligent chatbot capable of engaging in natural and meaningful conversations with users. The chatbot leverages state-of-the-art deep learning techniques, including transformer-based architectures, to understand and generate human-like responses.
Key contributions of this research include the implementation of a context- aware conversational model that can maintain coherent dialogue over extended interactions. The chatbot's performance is evaluated through both automated metrics and user studies, demonstrating its effectiveness in various applications such as customer service, mental health support, and educational assistance. Additionally, ethical considerations and potential biases in chatbot responses are examined to ensure the responsible deployment of this technology.
The findings of this thesis highlight the potential of intelligent chatbots to enhance user experience and provide valuable insights for future developments in conversational AI.
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...YanKing2
Pre-trained Large Language Models (LLM) have achieved remarkable successes in several domains. However, code-oriented LLMs are often heavy in computational complexity, and quadratically with the length of the input code sequence. Toward simplifying the input program of an LLM, the state-of-the-art approach has the strategies to filter the input code tokens based on the attention scores given by the LLM. The decision to simplify the input program should not rely on the attention patterns of an LLM, as these patterns are influenced by both the model architecture and the pre-training dataset. Since the model and dataset are part of the solution domain, not the problem domain where the input program belongs, the outcome may differ when the model is trained on a different dataset. We propose SlimCode, a model-agnostic code simplification solution for LLMs that depends on the nature of input code tokens. As an empirical study on the LLMs including CodeBERT, CodeT5, and GPT-4 for two main tasks: code search and summarization. We reported that 1) the reduction ratio of code has a linear-like relation with the saving ratio on training time, 2) the impact of categorized tokens on code simplification can vary significantly, 3) the impact of categorized tokens on code simplification is task-specific but model-agnostic, and 4) the above findings hold for the paradigm–prompt engineering and interactive in-context learning and this study can save reduce the cost of invoking GPT-4 by 24%per API query. Importantly, SlimCode simplifies the input code with its greedy strategy and can obtain at most 133 times faster than the state-of-the-art technique with a significant improvement. This paper calls for a new direction on code-based, model-agnostic code simplification solutions to further empower LLMs.
Best Practices of Clothing Businesses in Talavera, Nueva Ecija, A Foundation ...IJAEMSJORNAL
This study primarily aimed to determine the best practices of clothing businesses to use it as a foundation of strategic business advancements. Moreover, the frequency with which the business's best practices are tracked, which best practices are the most targeted of the apparel firms to be retained, and how does best practices can be used as strategic business advancement. The respondents of the study is the owners of clothing businesses in Talavera, Nueva Ecija. Data were collected and analyzed using a quantitative approach and utilizing a descriptive research design. Unveiling best practices of clothing businesses as a foundation for strategic business advancement through statistical analysis: frequency and percentage, and weighted means analyzing the data in terms of identifying the most to the least important performance indicators of the businesses among all of the variables. Based on the survey conducted on clothing businesses in Talavera, Nueva Ecija, several best practices emerge across different areas of business operations. These practices are categorized into three main sections, section one being the Business Profile and Legal Requirements, followed by the tracking of indicators in terms of Product, Place, Promotion, and Price, and Key Performance Indicators (KPIs) covering finance, marketing, production, technical, and distribution aspects. The research study delved into identifying the core best practices of clothing businesses, serving as a strategic guide for their advancement. Through meticulous analysis, several key findings emerged. Firstly, prioritizing product factors, such as maintaining optimal stock levels and maximizing customer satisfaction, was deemed essential for driving sales and fostering loyalty. Additionally, selecting the right store location was crucial for visibility and accessibility, directly impacting footfall and sales. 
Vigilance towards competitors and demographic shifts was highlighted as essential for maintaining relevance. Understanding the relationship between marketing spend and customer acquisition proved pivotal for optimizing budgets and achieving a higher ROI. Strategic analysis of profit margins across clothing items emerged as crucial for maximizing profitability and revenue. Creating a positive customer experience, investing in employee training, and implementing effective inventory management practices were also identified as critical success factors. In essence, these findings underscored the holistic approach needed for sustainable growth in the clothing business, emphasizing the importance of product management, marketing strategies, customer experience, and operational efficiency.
A brief introduction to quadcopter (drone) working. It provides an overview of flight stability, dynamics, general control system block diagram, and the electronic hardware.
20CDE09- INFORMATION DESIGN
UNIT I INCEPTION OF INFORMATION DESIGN
Introduction and Definition
History of Information Design
Need of Information Design
Types of Information Design
Identifying audience
Defining the audience and their needs
Inclusivity and Visual impairment
Case study.
A Collaborative Intrusion Detection System for Cloud Computing
IJSRD - International Journal for Scientific Research & Development | Vol. 1, Issue 4, 2013 | ISSN (online): 2321-0613
All rights reserved by www.ijsrd.com
Abstract— Cloud computing is a computing paradigm that shifts drastically from traditional computing architecture. Although this new computing paradigm brings many advantages, such as the utility computing model, its design is not flawless: it suffers from many known computer vulnerabilities and, because of its inherent design, also introduces unique information confidentiality, integrity and availability risks. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework for a Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks by providing timely notifications about new intrusions to Cloud users' systems. To provide this ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected Clouds with each other.
Keywords: Intrusion Detection System, Cloud Computing, Collaborative IDS, Collaborative IDS for Cloud
I. INTRODUCTION
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet) [1]. As per the NIST definition, the cloud model is composed of five essential characteristics (on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service), three service models (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and four deployment models (private cloud, community cloud, public cloud and hybrid cloud) [2].

An Intrusion Detection System [5] is software that automates the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations of security policies. This research work concentrates mainly on large-scale coordinated attacks. Such attacks, for example stealthy scans, worms and DDoS, are powerful tools that help attackers achieve monetary gain. These attacks can occur in multiple network domains simultaneously, which makes prompt detection an extremely difficult task [6].

During large-scale stealthy scans, there is one source (the attacking host) that is responsible for numerous scans. Similarly, during a worm outbreak there is one source (the infected host) that begins to connect to numerous hosts in order to spread itself. In contrast, the attack topology of a DDoS attack is many to one, namely, all the attack traffic is forwarded to one destination (the target system), although in a distributed reflector DDoS attack, part of the attack topology may appear as one to many [5]. Therefore, in order to detect the source address of a stealthy scan or worm outbreak, we need to correlate suspicious source addresses from incoming traffic across multiple network domains. Similarly, to detect and filter DDoS traffic we need either to correlate traffic at its source based on a common destination address, or to correlate traffic at the reflectors based on a common source address. Moreover, given that the attack rate is high, this correlation of attack evidence must be done in a timely manner. The combination of complementary IDSs to build a Collaborative IDS (CIDS) is a promising technique that can be used to obtain a precise and comprehensive view of suspicious events.

A CIDS framework [4] is a mechanism to solve these issues by correlating suspicious evidence and attack signatures from different IDS sources. With a CIDS, the efficiency of detecting intrusions over a large-scale environment is improved. CIDSs have the potential to reduce computational costs by sharing ID resources between networks. The number of false alarms and irrelevant alerts that would be generated by individual IDSs can be reduced. The alarms raised by different IDSs produce more comprehensive information about intrusion attempts than a single IDS technique does. The knowledge synthesized from distributed IDSs in all interconnected Cloud regions about intrusions, suspicious behaviors, blacklisted attackers or compromised VMs enhances the efficiency and rate of intrusion detection.
II. LITERATURE SURVEY
A. Need for Cloud Log management
Having confronted the various problems [7] and limitations [8] of cloud computing, we have come to know that the basic challenge in each service model is Cloud log management. Cloud Log Management can manage any volume of data over any span of time. To solve the cloud logging problems, a log management solution or architecture needs to support the following list of features [9]: centralization of all logs, scalable log storage, fast data access and retrieval, support for any log format, running data analysis jobs, retention of log records, archival of old logs and restoring on demand, segregated data access through access control, preservation of log integrity, and an audit trail for access to logs.

A log management system [10] is the basis for enabling log analysis and achieving the goals introduced in the previous sections. For Cloud Log Management, some architecture and guidelines should be followed. Setting up a logging framework involves the following steps:
1) Enable logging in each infrastructure and application component
2) Set up and configure log transport
3) Tune logging configurations

Ms. Riddhi Mistry (1), Mr. Krunal Kantharia (2), Mr. Sandip Chauhan (3)
(1) Computer Engineering, GTU, Ahmedabad; (2) Network Engineer, KPTIT, Viramgam; (3) Assistant Professor, KITRC, Kalol, Gujarat
S.P.B.Patel Engineering College, Mehsana, Gujarat

Guidelines for log management provide information about when to log, what to log, how to log, etc.

When to log: the decision to write log records needs to be driven by use cases. In cloud applications these use cases surface in four areas: business-relevant logging, operations-based logging, security-related logging, and regulatory and standards mandates.

What to log: this defines which parameters must be logged for detailed log management. At a minimum, the following fields need to be present in every log record: Timestamp, Application, User, Session ID, Severity, Reason, and Categorization.

How to log: the following syntax recommendation is based on standards work and the study of many existing logging standards, namely Common Event Expression (CEE):

Time = 2010-05-13 13:03:47.123231PDT, session_id = 08BaswoAAQgAADVDG3IAAAAD, severity = ERROR, user = pixlcloud_zrlram, object = customer, action = delete, status = failure, reason = does not exist
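The following Python sketch is an added example, not code from the paper: it parses a record in the key = value syntax shown above and checks it against the minimum field list. The mapping from field titles to key names (for instance "app" for Application, and object/action/status as the Categorization) is an assumption, since the paper gives the required fields by title only.

```python
import re

# The paper's own sample record, copied from the text above.
PAGE_SAMPLE = ("Time = 2010-05-13 13:03:47.123231PDT, "
               "session_id = 08BaswoAAQgAADVDG3IAAAAD, severity = ERROR, "
               "user = pixlcloud_zrlram, object = customer, action = delete, "
               "status = failure, reason = does not exist")

# Assumed key names for the minimum fields listed in the paper.
REQUIRED = {
    "timestamp": ("time",),
    "application": ("app", "application"),
    "user": ("user",),
    "session id": ("session_id",),
    "severity": ("severity",),
    "reason": ("reason",),
}
# Assumption: "Categorization" is carried by the object/action/status triple.
CATEGORIZATION = ("object", "action", "status")

# Split on a comma only when a new "key =" follows, so that commas inside
# a free-text value (typically the reason) do not break the record apart.
PAIR_SEP = re.compile(r",\s*(?=[A-Za-z_][A-Za-z0-9_]*\s*=)")
CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def parse_record(line):
    """Return the record as a dict; raise ValueError on a malformed record."""
    # A newline or other control character inside a record would let one
    # logged value masquerade as a second record, so refuse it outright.
    if CONTROL.search(line):
        raise ValueError("control character in log record")
    record = {}
    for pair in PAIR_SEP.split(line.strip()):
        key, sep, value = pair.partition("=")
        key = key.strip().lower()
        if not sep or not key:
            raise ValueError(f"not a key = value pair: {pair!r}")
        # A repeated key means some value smuggled in ", key = ..." text;
        # silently keeping either copy would corrupt later correlation.
        if key in record:
            raise ValueError(f"duplicate key: {key}")
        record[key] = value.strip()
    return record


def missing_fields(record):
    """List the minimum fields that are absent or empty in the record."""
    missing = [name for name, keys in REQUIRED.items()
               if not any(record.get(k) for k in keys)]
    if not all(record.get(k) for k in CATEGORIZATION):
        missing.append("categorization")
    return missing


if __name__ == "__main__":
    rec = parse_record(PAGE_SAMPLE)
    print(rec)
    print("missing:", missing_fields(rec))
```

Under these assumed key names, the paper's sample record is reported as missing the application field, because it carries no application key.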
B. Eucalyptus Logs for Forensics
In [11], an HTTP-based DoS/DDoS attack was implemented in which the attacker used a VB script on the host physical Win XP machine and a Bash script on a Linux machine to start multiple Firefox instances with multiple tabs, sending a stream of randomized HTTP requests to the Eucalyptus Cloud Controller node to exhaust its communication channel or bandwidth resources.

Under normal conditions, the virtual Eucalyptus Cloud Controller's (CC) total traffic in/out rate is 39.1 Kbps and its processor usage is 5.6%. After the VB script and Bash script were executed, that is, after the HTTP-based DoS attack was launched, the CC's total bandwidth usage rose to 6 Mbps, far above the normal rate of 39.1 Kbps. The bandwidth resources can be consumed sharply by opening more attack windows on the client side: usage reached as high as 16 Mbps when one more Firefox window with 50 tabs was opened on the physical host WinXP client machine of the virtual Eucalyptus cloud. Similarly, the CC's processor usage rose to 83.1% under attack conditions, compared to 5.6% under normal conditions.

Finally, the relevant logs were identified in the "/var/eucalyptus/jetty-request-05-09-xx" file on the Cloud Controller (CC) machine, which shows the attacking machine's IP address, browser type and content requested. Here I have observed that logs can be maintained in a systematic manner by a detailed procedure. But the most important issue is that we need to differentiate them, correlate them and use them in a specific order to implement a CIDS.
C. Architecture of Collaborative IDS Framework
In [4], each Cloud Provider (CP)’s infrastructure in a
Collaborative Cloud Computing model is considered as a
Cloud region while each physical machine residing at a
Cloud region is called a node for convenience. This
framework consists of three main components; namely, IDS
Manager, which resides at the management region of a
Collaborative Cloud, IDS Dispatcher, which is built inside
each Cloud region, and Elementary Detector, which is
distributed to monitor each VM and generates alarms for a
detected anomaly. For communication among components,
messages containing data and necessary information are
created and encrypted at each component before being
exchanged. Messages use TCP as the data transport. Two
kinds of Database servers, Global and Local, reside at
Management region and each element region, respectively.
Fig (1): Communication between components in collaborative IDS Framework
1) Elementary Detector
Elementary Detector (ED) is a specialized IDS distributed to monitor each VM in the system. Based on the service models that Cloud users chose in the initialization phase, default functions are assigned to each ED to collect and analyze data about network traffic, memory, file systems, logs, etc. to find potential intrusions in the monitored hosts. Alerts generated by EDs are called raw alerts. They are sent to the IDS Dispatcher for aggregation and correlation with alerts from other EDs, in order to reduce the number of false raw alerts and generate higher-level alerts about large-scale coordinated or multi-step attacks.
2) IDS Dispatcher
IDS Dispatcher is built in a secured independent node at
each Cloud region and responsible for either generating
distributed EDs or processing raw alerts which are sent from
all EDs. It’s considered as the parent node in the hierarchical
CIDS model for aggregating and correlating all raw alerts
from EDs into hyper alerts and analyzing them to detect
large-scale coordinated attacks. IDS Dispatcher consists of
three modules: IDS Generator, Translation Engine and Alert
Correlation.
a) IDS Generator
IDS Generator (IDSGen) is responsible for generating and
configuring EDs to monitor each virtual host. First, IDSGen
receives user’s information that is specified by Cloud users
from IDS Manager. In addition, a blacklist from IDS
Manager, which consists of information about suspicious
attackers, intrusions detected by IDSs of other Cloud
regions, is also used to update IDS configurations.
b) Translation Engine
After receiving raw alerts which are generated by all EDs
located in all nodes of a cloud region or hyper alerts from
Alert Correlation module, Translation Engine (TransEng)
takes charge of storing them in Local Database. Due to the
diversification of alerts which are built in different formats,
TransEng translates received alerts into a common format,
IDMEF [13], before extracting necessary data and storing
them into Local Database.
c) Alert Correlation
Alert Correlation is used to correlate alerts based on logical relationships among the alerts. This function gives the system security operator great insight into where the initial attacks come from and where they actually end up. It can also be used to find patterns among series of attacks. After alert correlation, high-level alerts providing an overall view of the attacks are presented to the system security operators and Cloud users. In addition, correlating raw alerts from IDSs with different functions also helps to verify whether a certain attack succeeded or failed, so that appropriate responses can be made.

The three key steps in correlating raw alerts into hyper alerts are alert aggregation, alert verification and alert correlation. Alert aggregation is the grouping of alerts that are both close in time and have similar features. Alert verification takes a single alert and determines the success of the attack that corresponds to this alert. Finally, alert correlation discovers the relationships between individual alerts raised by security incident detection systems and other security systems. In particular, when a new raw alert is stored into the Local Database by TransEng, Alert Correlation is simultaneously notified.
3) IDS Manager
IDS Manager is considered the central management component of the CIDS framework and an intermediary for exchanging information between Cloud users and EDs. It also takes charge of gathering all events related to intrusions and sending notifications to users via one single interface for all cloud regions. There are four modules in IDS Manager; namely, User Configuration, Notification, Alert Collector and Alert Processor.
a) User Configuration
User Configuration (UserCfg) is built to collect users’ IDS
configurations and transfer them to other related
components in our proposed CIDS framework. Through a
single web-based user interface, Cloud users can specify
monitoring functions, alert settings and thresholds which are
considered as parameters for building and configuring their
EDs. This interface is only sent to Cloud users after they are
verified as legitimate users of Cloud. Based on the list of
Cloud regions and VM locations, UserCfg relays messages
containing users’ IDS configurations to IDS Generator
module of corresponding IDS Dispatchers.
b) Notification
Notification interacts directly with Cloud users to notify them of detected intrusions that affect their own resources allocated from CPs. It queries the Global Database for new alerts, which are stored there by Alert Collector, and raises alarms to Cloud users. In this context, the Global Database stores information about intrusions on the resources of all users of all Cloud regions belonging to the Collaborative Cloud environment.
c) Alert Collector
Alert Collector takes charge of receiving hyper alerts from Cloud regions and writing them to the Global Database, to be processed later by Alert Processor. Because of the Internet-based nature of Cloud Computing, handling of Cloud users' services and allocated resources is processed through a request–response model like an ordinary web client–server. Therefore, Cloud users' requests to the Access Control component also need to be monitored by the Cloud IDS framework as a source for anomaly detection. As usual, Access Control will assess the validity of all requests from Cloud users before deciding whether to reject these requests or forward them to the appropriate processing components in Cloud systems.
d) Alert Processor
Alert Processor is the module which processes hyper alerts
at the highest level in the hierarchical Collaborative IDS
framework. The main goal of Alert Processor is to analyze
lower-level alerts stored in the Global Database, extract
information and generate a blacklist of compromised VMs,
identification of suspicious attackers, and details of
recognized attacks.
4) Collaborative IDS Framework Workload
Step 1.1: After being authenticated and choosing appropriate
services, users send IDS configurations to proposed IDS
framework for generating new IDSs for their allocated
systems.
Step 1.2: These users’ IDS configurations are stored in
Global Database before having been transferred to IDS
Dispatcher in each Cloud region.
Step 1.3: At each Cloud region, all configurations are used
to generate and configure new IDSs which are used to
monitor user’s virtual hosts.
Step 2.1: As an intrusion is detected by EDs, a raw alert is
generated and sent to IDS Dispatcher node on the same
Cloud region.
Step 2.2: This alert is converted into the common format
(IDMEF) and stored in the Local Database.
Step 2.3: This alert is aggregated with other alerts to create
hyper alerts.
Step 2.4: Hyper alerts are forwarded to IDS Manager on the
Management region of this federated Cloud.
Step 2.5: After receiving new alerts, through a user
interface, IDS framework notifies users about a threat to
their system and requires a response.
Fig (2): Collaborative IDS framework Workload
III. PROPOSED SYSTEM
Step 1: Initially, logs from all the nodes will be generated.
Step 2: These logs will be sent to the ED, and the ED will generate a raw alert.
Step 3: The raw alert will be sent to the IDS Dispatcher, where the IDS Generator will check the user information to see whether the user already has an ED or not. If a new user has arrived, IDSGen will verify the user and then allocate an ED to the new user.
Step 4: The raw alert will then be sent to Alert Correlation, where alerts will be correlated by queries from the Local DB. Here, the alert type will be checked: whether the alert is successful or failed.
Step 5: Successful alerts, which are known as hyper alerts, will then be sent to TransEng, where the alerts will be converted into IDMEF format and stored in the Local DB.
Step 6: The hyper alert will be sent to the IDS Manager, where the user configuration will be determined and alerts are collected, processed for further use and stored in the Global DB.
Step 7: The IDS Manager will notify the Cloud Controller as well as the user about processed alerts.

The alert correlation algorithm provided in [4] is shown below. We modify it by adding parameters such as bandwidth usage, memory usage and CPU usage, since we saw earlier in [11] that, by using certain programming, we can come to know that an attack has happened on a particular system.
Correlation Algorithm
A: list of raw alerts
r: correlation threshold
s: correlation sensitivity
initialize hyper alert list H
for each alert ai in A
    for all hyper alerts in H
        find a hyper alert hj containing an alert aj such that
        the correlation probability of ai and aj is maximum
    m = this maximum correlation probability
    if m > r
        then for each alert ak in hj
            if m - (probability between ak and ai) < s
                then connect ai with ak
    else
        create a new hyper-alert
        put ai in new hyper-alert
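The following Python sketch is an added example, not the authors' implementation: it runs the correlation algorithm above over a small constructed alert list. The paper does not define the correlation probability, so correlation_probability and its weights are hypothetical, as are the alert fields and the sample addresses; the topology helper relates each hyper alert to the one-to-many (scan, worm) and many-to-one (DDoS) patterns described in the Introduction.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Alert:
    id: str
    src: str      # source address reported by the elementary detector
    dst: str      # destination address
    kind: str     # alert class
    t: float      # time in seconds


@dataclass
class HyperAlert:
    alerts: list = field(default_factory=list)
    edges: list = field(default_factory=list)  # (earlier id, later id, probability)


def correlation_probability(a, b, window=60.0):
    """Hypothetical score in [0, 1]: shared features plus closeness in time."""
    score = 0.0
    if a.src == b.src:
        score += 0.4
    if a.dst == b.dst:
        score += 0.3
    if a.kind == b.kind:
        score += 0.1
    score += 0.2 * max(0.0, 1.0 - abs(a.t - b.t) / window)
    return score


def correlate(alerts, r, s, prob=correlation_probability):
    """Group raw alerts into hyper alerts; r is the threshold, s the sensitivity."""
    hypers = []                                   # initialize hyper alert list H
    for ai in sorted(alerts, key=lambda a: a.t):
        best_m, best_h = 0.0, None
        for h in hypers:                          # find hj holding the best-matching aj
            m_h = max(prob(ai, aj) for aj in h.alerts)
            if m_h > best_m:
                best_m, best_h = m_h, h
        if best_h is not None and best_m > r:
            for ak in best_h.alerts:              # connect ai to every near-best ak
                p = prob(ak, ai)
                if best_m - p < s:
                    best_h.edges.append((ak.id, ai.id, round(p, 3)))
            best_h.alerts.append(ai)
        else:                                     # nothing close enough: new hyper alert
            hypers.append(HyperAlert(alerts=[ai]))
    return hypers


def topology(h):
    """Classify a hyper alert by its source/destination fan-out."""
    srcs = {a.src for a in h.alerts}
    dsts = {a.dst for a in h.alerts}
    if len(srcs) == 1 and len(dsts) == 1:
        return "single"
    if len(srcs) == 1:
        return "one-to-many"    # scan or worm pattern
    if len(dsts) == 1:
        return "many-to-one"    # DDoS pattern
    return "mixed"


# Constructed sample alerts (documentation address ranges, not real data).
SAMPLE_ALERTS = [
    Alert("s1", "203.0.113.7", "10.0.1.10", "scan", 0),
    Alert("s2", "203.0.113.7", "10.0.1.11", "scan", 5),
    Alert("s3", "203.0.113.7", "10.0.1.12", "scan", 12),
    Alert("f1", "198.51.100.21", "10.0.2.5", "http-flood", 20),
    Alert("f2", "198.51.100.22", "10.0.2.5", "http-flood", 21),
    Alert("x1", "192.0.2.99", "10.0.3.3", "login-failure", 400),
]

if __name__ == "__main__":
    for h in correlate(SAMPLE_ALERTS, r=0.5, s=0.1):
        print([a.id for a in h.alerts], topology(h), h.edges)
```

Raising r splits the groups apart, while lowering s keeps the groups but links each new alert only to its closest predecessors.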
IV. CONCLUSION
Thus, we have seen that logs can be maintained on a single machine, i.e. the Cloud Controller's machine. These logs are randomly generated by any event that occurs on the cloud infrastructure. Here, I have implemented scripts which can fetch these log files, collect the logs of the cloud infrastructure, analyze them, correlate them and provide an alert in the form of a notification to the Cloud Controller and the client if any unknown or unfaithful event occurs.

Thus, the Collaborative IDS framework for a Collaborative Cloud Computing model builds multiple anomaly-based elementary detectors and a hierarchical architecture for combining their alerts to make a more accurate determination of intrusions. Here, blacklisted users have been tackled in a way that is considered either as a notification to each interconnected Cloud or as additional knowledge to increase the efficiency of the intrusion detection process. So, I have implemented a Collaborative IDS by using the Collaborative IDS framework and got results from it.

This framework needs to concentrate on the security area as well as on the time duration taken. Here, analysis of some basic attacks, mainly the DDoS attack, has been carried out. So, evaluation of the system by experimenting with different attacks still remains.
REFERENCES
[1] http://en.wikipedia.org/wiki/Cloud_computing
[2] Peter Mell, Timothy Grance, “The NIST Definition of Cloud Computing”, Special Publication 800-145, National Institute of Standards and Technology, U.S. Department of Commerce.
[3] Furht B, Chapter 1, Handbook of cloud computing.
[4] N. D. Man and E.-N., “A Collaborative Intrusion Detection System Framework for Cloud Computing”, in Proceedings of the International Conference on IT Convergence and Security 2011.
[5] Guide to Intrusion Detection and Prevention Systems (IDPS), Recommendations of the National Institute of Standards and Technology, NIST Special Publication 800-94, February 2007.
[6] Chenfeng Vincent Zhou, Shanika Karunasekera, and Christopher Leckie, “A survey of coordinated attacks and collaborative intrusion detection”, Computer Science and Security, Volume 29, Issue 1, February 2010, Pages 124–140, available at www.sciencedirect.com.
[7] Scott Zimmerman and Dominick Glavach, “Cyber Forensics in the Cloud”, IAnewsletter, Vol. 14, No. 1, 2011.
[8] Mohsen Damshenas, Ali Dehghantanha, Ramlan Mahmoud, Solahuddin bin Shamsuddin, “Forensics Investigation Challenges in Cloud Computing Environments”, in Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on, 26-28 June 2012.
[9] Stephen Mason, Esther George, “Digital evidence and ‘cloud’ computing”, Computer Law & Security Review 27 (2011) 524–528, available at www.sciencedirect.com.
[10] Raffael Marty, “Cloud Application Logging for Forensics”, Loggly Inc.
[11] Zafarullah, Faiza Anwar, Zahid Anwar, “Digital Forensics for Eucalyptus”, in IEEE, 2011 Frontiers of Information Technology.
[12] Tal Garfinkel, Mendel Rosenblum, “A Virtual Machine Introspection Based Architecture for Intrusion Detection”, Proceedings 10th Symposium, Network and Distributed System Security (NDSS 03), Internet Society, pp 191–206.
[13] Intrusion detection message exchange format, available at http://www.ietf.org/rfc/rfc4765.txt