A Unified Framework for Network Bandwidth and Link Latency Detector Based on Cloud Computing

Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 324)


In general, users often do not know which organizations or services obtain the right to use and may store, utilize, or redistribute their data when sensitive data have been released to a cloud service. The research field of usage control deals with such troubles by enforcing constraints on the usage of data after it has been revealed and is therefore principally important in the cloud environment. Usually, existing solutions apply cryptographic methods to maintain sensitive user data confidential against untrusted servers, by disclosing data decryption keys particularly to the authorized persons. In doing so, on the other hand, these solutions unavoidably bring in heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is needed and as a result do not perform well. To avoid these problems in this work, we propose customized bivariate parametric detection mechanism (cbPDM) that utilizes a sequential probability ratio test, permitting for control over the false-positive rate while examining the trade-off between detection time and strength of an anomaly and also the packet delivery rate. The method is examined using the bit-rate signal-to-noise ratio (SNR) metric, which is an effective metric for anomaly detection. This enhanced detection method does not need or try to model the full traffic patterns. First, the anomaly detection controls aggregate traffic, devoid of flow separation or deep packet inspection. After that, unlike prior anomaly detection approaches, our method computerizes training and does not require hand-tuned or hard-coded parameters. After that, we make use of both the packet rate and the sample entropy of the packet size distribution guides to guarantee robustness against false positives, consequently overcoming one of the traditional problems of anomaly detection methods. From the comparison results we can see the proposed method, which is better than existing methods due to its rate of packet delivery and bit-rate values.


Network bandwidth Link latency detector Bivariate parametric detection mechanism anomaly detection Customized bivariate parametric detection mechanism Cloud computing 



This paper is sponsored by the University Grants Commission of India, under the National Fellowship Program Grant no. TAM—24467.


  1. 1.
    D.J. Abadi, Data management in the cloud: limitations and opportunities (2009)Google Scholar
  2. 2.
    F. Kelbert, Data usage control for the cloud. Technische University at Munchen (TUM)Google Scholar
  3. 3.
    S. Yu, C. Wang, K. Ren, W. Lou, Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing. Dept. of ECE, Illinois Institute of TechnologyGoogle Scholar
  4. 4.
    R. Chow, P. Golle, M. Jakobsson, R. Masuoka, J. Molina, Controlling data in the cloud: outsourcing computation without outsourcing controlGoogle Scholar
  5. 5.
    M. Hausenblas, R. Grossman, A. Harth, P. Cudre-Mauroux, Large-Scale Linked Data Processing: Cloud Computing To the Rescue? University of Chicago and Open Cloud ConsortiumGoogle Scholar
  6. 6.
    S.P. Suryawanshi, A.M. Bagade, Secure data processing in cloud computing. Int. J. Comput. Appl. 76(5), 0975–8887 (2013)Google Scholar
  7. 7.
    A. Madhavapeddy, S. Singh, Reconfigurable Data Processing for Clouds (University of Cambridge, Cambridge)Google Scholar
  8. 8.
    S. Chakravarty, A. Stavrou, A.D. Keromytis, Traffic analysis against low-latency anonymity networks using available bandwidth estimationGoogle Scholar
  9. 9.
    J. Weinman, Network implications of cloud computing, in Technical Symposium at ITU Telecom World (ITU WT) (2011)Google Scholar
  10. 10.
    N. Evans, R. Dingledine, C. Grothoff, A practical congestion attack on tor using long paths, in Proceedings of the 18th USENIX Security Symposium (USENIX Security), (2009), pp. 33–50Google Scholar
  11. 11.
    J. Reardon, I. Goldberg, Improving tor using a TCP-over-DTLS tunnel, in Proceedings of 18th USENIX Security Symposium (2009)Google Scholar
  12. 12.
    I. Rish, M. Brodie, S. Ma, N. Odintsova, A. Beygelzimer, G. Grabarnik, K. Hernandez, Adaptive diagnosis in distributed systems. IEEE Trans. Neural Netw. 16, 1088–1109 (2005)CrossRefGoogle Scholar
  13. 13.
    M. Natu, A.S. Seti, Efficient probing techniques for fault diagnosis, in 2nd International Conference on Internet Monitoring and Protection (ICIMP 2007) (2007) pp. 2085–2090Google Scholar
  14. 14.
    R. Chow, P. Golle, M. Jakobsson, E. Shi, J. Staddon, R. Masuoka, J. Molina, Controlling data in the cloud: Outsourcing computation without outsourcing control, in Proceedings of ACM Workshop on Cloud Computing Security (2009)Google Scholar
  15. 15.
    J. Park, R. Sandhu, Towards usage control models: Beyond traditional access control, in Proceedings of 7th ACM Symposium on Access Control Models and Technologies (2002)Google Scholar
  16. 16.
    A. Pretschner, M. Hilty, F. Schutz, C. Schaefer, T. Walter, Usage control enforcement: present and future. IEEE Secur. Priv. 6(4) (2008)Google Scholar
  17. 17.
    M. Harvan, A. Pretschner, State-based usage control enforcement with data flow tracking using system call interposition, in Proceedings of 3rd International Conference on Network and System Security (2009)Google Scholar
  18. 18.
    T. Wuchner, A. Pretschner, Data loss prevention based on data driven usage control, in Proceedings of 23rd IEEE International Symposium on Software Reliability Engineering (2012)Google Scholar
  19. 19.
    A. Pretschner, E. Lovat, M. Buchler, Representation-independent data usage control, in Proceedings of Conference on Data Privacy Management (2011)Google Scholar
  20. 20.
    B. Katt, X. Zhang, R. Breu, M. Hafner, J.-P. Seifert, A general obligation model and continuity-enhanced policy enforcement engine for usage control, in Proceedings of 13th ACM Symposium on Access Control Models and Technologies (2008)Google Scholar
  21. 21.
    P. Kumari, A. Pretschner, J. Peschla, J.-M. Kuhn, Distributed data usage control for web applications: A social network implementation, in Proceedings of 1st ACM Conference on Data and Application Security and Privacy (2011)Google Scholar
  22. 22.
    G. Ateniese, K. Fu, M. Green, S. Hohenberger, Improved proxy re-encryption schemes with applications to secure distributed storage, in Proceedings of NDSS’05 (2005)Google Scholar
  23. 23.
    S.D.C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati, Over-encryption: Management of access control evolution on outsourced data, in Proceedings of VLDB’07 (2007)Google Scholar
  24. 24.
    V. Goyal, O. Pandey, A. Sahai, B. Waters, Attribute-based encryption for fine-grained access control of encrypted data, in Proceedings of CCS’06 (2006)Google Scholar
  25. 25.
    R. Bianchini, R. Buskens, Implementation of on-line distributed system level diagnosis theory. IEEE Trans. Comput. 41(5), 616–626 (1992)CrossRefGoogle Scholar
  26. 26.
    Elias Procopio Duarte Jr, Takashi Nanya, A hierarchical adaptive distributed system level diagnosis algorithm. IEEE Trans. Comput. 47(1), 34–45 (1998)CrossRefGoogle Scholar
  27. 27.
    M.-S. Su, K. Thulasiraman, A. Das, Multilevel adaptive distributed fault location in a network of processors, in Proceedings of the Allerton Conference on Communication, Control and Computing (2001)Google Scholar
  28. 28.
    F.P. Preparata, G. Metze, R.T. Chien, On the connection assignment problem of diagnosable systems. IEEE Trans. Electr. Comput. 16, 848–854 (1967)Google Scholar

Copyright information

© Springer India 2015

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringAnnamalai UniversityChidambaramIndia

Personalised recommendations