Abstract
In general, users often do not know which organizations or services obtain the right to use and may store, utilize, or redistribute their data when sensitive data have been released to a cloud service. The research field of usage control deals with such troubles by enforcing constraints on the usage of data after it has been revealed and is therefore principally important in the cloud environment. Usually, existing solutions apply cryptographic methods to maintain sensitive user data confidential against untrusted servers, by disclosing data decryption keys particularly to the authorized persons. In doing so, on the other hand, these solutions unavoidably bring in heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is needed and as a result do not perform well. To avoid these problems in this work, we propose customized bivariate parametric detection mechanism (cbPDM) that utilizes a sequential probability ratio test, permitting for control over the false-positive rate while examining the trade-off between detection time and strength of an anomaly and also the packet delivery rate. The method is examined using the bit-rate signal-to-noise ratio (SNR) metric, which is an effective metric for anomaly detection. This enhanced detection method does not need or try to model the full traffic patterns. First, the anomaly detection controls aggregate traffic, devoid of flow separation or deep packet inspection. After that, unlike prior anomaly detection approaches, our method computerizes training and does not require hand-tuned or hard-coded parameters. After that, we make use of both the packet rate and the sample entropy of the packet size distribution guides to guarantee robustness against false positives, consequently overcoming one of the traditional problems of anomaly detection methods. From the comparison results we can see the proposed method, which is better than existing methods due to its rate of packet delivery and bit-rate values.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
D.J. Abadi, Data management in the cloud: limitations and opportunities (2009)
F. Kelbert, Data usage control for the cloud. Technische University at Munchen (TUM)
S. Yu, C. Wang, K. Ren, W. Lou, Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing. Dept. of ECE, Illinois Institute of Technology
R. Chow, P. Golle, M. Jakobsson, R. Masuoka, J. Molina, Controlling data in the cloud: outsourcing computation without outsourcing control
M. Hausenblas, R. Grossman, A. Harth, P. Cudre-Mauroux, Large-Scale Linked Data Processing: Cloud Computing To the Rescue? University of Chicago and Open Cloud Consortium
S.P. Suryawanshi, A.M. Bagade, Secure data processing in cloud computing. Int. J. Comput. Appl. 76(5), 0975–8887 (2013)
A. Madhavapeddy, S. Singh, Reconfigurable Data Processing for Clouds (University of Cambridge, Cambridge)
S. Chakravarty, A. Stavrou, A.D. Keromytis, Traffic analysis against low-latency anonymity networks using available bandwidth estimation
J. Weinman, Network implications of cloud computing, in Technical Symposium at ITU Telecom World (ITU WT) (2011)
N. Evans, R. Dingledine, C. Grothoff, A practical congestion attack on tor using long paths, in Proceedings of the 18th USENIX Security Symposium (USENIX Security), (2009), pp. 33–50
J. Reardon, I. Goldberg, Improving tor using a TCP-over-DTLS tunnel, in Proceedings of 18th USENIX Security Symposium (2009)
I. Rish, M. Brodie, S. Ma, N. Odintsova, A. Beygelzimer, G. Grabarnik, K. Hernandez, Adaptive diagnosis in distributed systems. IEEE Trans. Neural Netw. 16, 1088–1109 (2005)
M. Natu, A.S. Seti, Efficient probing techniques for fault diagnosis, in 2nd International Conference on Internet Monitoring and Protection (ICIMP 2007) (2007) pp. 2085–2090
R. Chow, P. Golle, M. Jakobsson, E. Shi, J. Staddon, R. Masuoka, J. Molina, Controlling data in the cloud: Outsourcing computation without outsourcing control, in Proceedings of ACM Workshop on Cloud Computing Security (2009)
J. Park, R. Sandhu, Towards usage control models: Beyond traditional access control, in Proceedings of 7th ACM Symposium on Access Control Models and Technologies (2002)
A. Pretschner, M. Hilty, F. Schutz, C. Schaefer, T. Walter, Usage control enforcement: present and future. IEEE Secur. Priv. 6(4) (2008)
M. Harvan, A. Pretschner, State-based usage control enforcement with data flow tracking using system call interposition, in Proceedings of 3rd International Conference on Network and System Security (2009)
T. Wuchner, A. Pretschner, Data loss prevention based on data driven usage control, in Proceedings of 23rd IEEE International Symposium on Software Reliability Engineering (2012)
A. Pretschner, E. Lovat, M. Buchler, Representation-independent data usage control, in Proceedings of Conference on Data Privacy Management (2011)
B. Katt, X. Zhang, R. Breu, M. Hafner, J.-P. Seifert, A general obligation model and continuity-enhanced policy enforcement engine for usage control, in Proceedings of 13th ACM Symposium on Access Control Models and Technologies (2008)
P. Kumari, A. Pretschner, J. Peschla, J.-M. Kuhn, Distributed data usage control for web applications: A social network implementation, in Proceedings of 1st ACM Conference on Data and Application Security and Privacy (2011)
G. Ateniese, K. Fu, M. Green, S. Hohenberger, Improved proxy re-encryption schemes with applications to secure distributed storage, in Proceedings of NDSS’05 (2005)
S.D.C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati, Over-encryption: Management of access control evolution on outsourced data, in Proceedings of VLDB’07 (2007)
V. Goyal, O. Pandey, A. Sahai, B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proceedings of CCS’06 (2006)
R. Bianchini, R. Buskens, Implementation of on-line distributed system level diagnosis theory. IEEE Trans. Comput. 41(5), 616–626 (1992)
Elias Procopio Duarte Jr, Takashi Nanya, A hierarchical adaptive distributed system level diagnosis algorithm. IEEE Trans. Comput. 47(1), 34–45 (1998)
M.-S. Su, K. Thulasiraman, A. Das, Multilevel adaptive distributed fault location in a network of processors, in Proceedings of the Allerton Conference on Communication, Control and Computing (2001)
F.P. Preparata, G. Metze, R.T. Chien, On the connection assignment problem of diagnosable systems. IEEE Trans. Electr. Comput. 16, 848–854 (1967)
Acknowledgments
This paper is sponsored by the University Grants Commission of India, under the National Fellowship Program Grant no. TAM—24467.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Suguna, S., Suhasini, A. (2015). A Unified Framework for Network Bandwidth and Link Latency Detector Based on Cloud Computing. In: Suresh, L., Dash, S., Panigrahi, B. (eds) Artificial Intelligence and Evolutionary Algorithms in Engineering Systems. Advances in Intelligent Systems and Computing, vol 324. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2126-5_62
Download citation
DOI: https://doi.org/10.1007/978-81-322-2126-5_62
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2125-8
Online ISBN: 978-81-322-2126-5
eBook Packages: EngineeringEngineering (R0)