2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)最新文献

{"title":"Reducing Complexity of Diagnostic Message Pattern Specification and Recognition on In-Bound Data Using Semantic Techniques","authors":"Gilbert Alipui, Lixin Tao, Keke Gai, Ning Jiang","doi":"10.1109/CSCloud.2016.33","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.33","url":null,"abstract":"Different companies in the same line of business can have similar computer systems with built-in diagnostic routines, and the ability to regularly send error-driven or event-driven environmental diagnostic messages in XML back to the system manufacturer. The system manufacturer typically uses these to determine faults in the system. The outcome of this troubleshooting can also assist end-users and clients in solving problems, and provide the production team valuable information that can be used to improve future versions of the product. A Company merger could lead to the same team processing diagnostic messages from similar but different products, in different syntax, leading to complexity explosion of specifying and maintaining diagnostic message pattern specification and recognition for many different syntaxes. This research reduces the above complexity by extending ISO Schematron, the industry standard language for XML semantic constraints specification and validation, with conceptual rules. Pace University Knowledge Graphs are used to describe the concepts or classes relevant to the diagnostic messages of a system, and the new conceptual Schematron rules are introduced to specify diagnostic patterns on these concepts. Such conceptual diagnostic patterns are then converted automatically into concrete Schematron rules based on the syntax of the specific diagnostic messages. A complete prototype was designed and implemented to validate this new methodology.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132028901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SE-ORAM: A Storage-Efficient Oblivious RAM for Privacy-Preserving Access to Cloud Storage","authors":"Qiumao Ma, Jinsheng Zhang, Yang Peng, Wensheng Zhang, D. Qiao","doi":"10.1109/CSCloud.2016.24","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.24","url":null,"abstract":"Oblivious RAM (ORAM) is a security-provable approach for protecting clients' access patterns to remote cloud storage. Recently, numerous ORAM constructions have been proposed to improve the communication efficiency of the ORAM model, but little attention has been paid to the storage efficiency. The state-of-the-art ORAM constructions have the storage overhead of O(N) or O(N log N) blocks at the server, when N data blocks are hosted. To fill the blank, this paper proposes a storage-efficient ORAM (SE-ORAM) construction with configurable security parameter λ and zero storage overhead at the server. Extensive analysis has also been conducted and the results show that, SE-ORAM achieves the configured level of security, introduces zero storage overhead to the storage server (i.e., the storage server only storages N data blocks), and incurs O(log N) blocks storage overhead at the client, as long as λ ≥ 2 and each node on the storage tree stores 4 log N or more data blocks.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"185 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121088289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MongoDB NoSQL Injection Analysis and Detection","authors":"Boyu Hou, K. Qian, Lei Li, Yong Shi, Lixin Tao, Jigang Liu","doi":"10.1109/CSCloud.2016.57","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.57","url":null,"abstract":"A NoSQL, also called a \"Non-Relational\" or \"Not only SQL,\" database system provides an approach to data management and database design for very large sets of distributed data and real-time web applications. A NoSQL database system is also a popular data storage for information retrieval because it supports better scalability, availability, and faster data access while comparing with traditional relational database management systems (RDBMS). What the RDBMS data needs is predictable as its data is stored in structured tables by defining the relationship between the different columns. In contrary the data in NoSQL databases does not need to be stored in a structured or fixed fashion. When performance and real-time access are more concerned than consistency, such as indexing and retrieving large numbers of records, NoSQL databases are more suitable than relational databases. With their obvious advantages in better performance, scalability, and flexibility, NoSQL databases have been adopted lately by many small businesses as they are moving their increasing business data into the clouds. However, the research on the security of a specific NoSQL database system or NoSQL database systems in general is very limited. Although there are many storage advantages in NoSQL databases, the need of quick and easy access to data has been seriously affected by the security issue of NoSQL databases. This paper examines the maturity of security measures for MongoDB, a typical NoSQL database system, with aspects in both attack and defense at the code level. The experimental testing on NoSQL injections is performed with JavaScript and PHP. After the demonstration on how a server-side JavaScript injection attack against a NoSQL database system reveals the customer's private data, two methods are discussed in preventing this type of security problems from happening. It is believed that our study will help database developers not only realizing that NoSQL database systems are not designed with security as a priority but also learning how to build a security layer to their organizations' NoSQL applications to avoid NoSQL injections.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130314825","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Remote Backup Approach for Virtual Machine Images","authors":"Zhe Wang, Jin Zeng, Tao Lv, Bin Shi, B. Li","doi":"10.1109/CSCloud.2016.41","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.41","url":null,"abstract":"Recent years witness the successful application of Cloud computing. Virtualization plays a key role in cloud computing and greatly facilitates application deployment and migration. Tenants' applications are hosted by virtual machines. The security and safety of user applications receive much attention from academia and industry. However, fault tolerance and availability issues of cloud applications are overlooked. In this paper, we focus on the high availability issue of virtual machines. We propose a remote backup approach, named LiveRB, for saving the running states of virtual machines in an online manner. The backup process operates in background and is transparent to the applications hosted in virtual machines. Live migration technique is used to save the running states of virtual machines. A virtual block device is designed to cache I/O operations in memory and save incremental virtual disk data of the virtual machine to a remote server. We implement LiveRB on KVM virtualization platform. We evaluate the effectiveness and efficiency of LiveRB through comprehensive experiments. The results show that LiveRB can lively backup a virtual machine to a remote server with only slight performance penalty.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123498652","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Framework Research of Power Grid Knowledge Recommendation and Situation Reasoning Based on Cloud Computing and CEP","authors":"Jian Su, Yu Huang, Guangxian Lv, Haitao Liu, Peng Jin","doi":"10.1109/CSCloud.2016.14","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.14","url":null,"abstract":"Modern power grid can produce a large amount of data at run time which shows a feature of fragmentation and disordering. Using the method of cloud-based knowledge management to achieve grid data, information retrieval, situation deducing and disaster warning, are important thoughts to be implemented. To solve the challenge, we put forward a software framework including knowledge recommendation and situation inference based on cloud computing and CEP(Complex Event Process). The framework can realize Large-scale analysis and intelligent recommendation for power grid and build reduction rules and models of power grid accident to implement disaster warning through CEP. Also, we show the prototype system.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121444972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"On-demand Pseudonym Systems in Geo-Distributed Mobile Cloud Computing","authors":"Jiawen Kang, Rong Yu, Xumin Huang, Sabita Maharjan, Yan Zhang","doi":"10.1109/CSCloud.2016.31","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.31","url":null,"abstract":"Geo-distributed mobile cloud computing (GMCC) integrates location information into mobile cloud computing, that has high potential for a large variety of applications. In a vehicular environment, a GMCC provides a large number of resources to vehicles that are geographically close to them. However, there are few studies that focus on security and privacy issues in a GMCC scenario. Vehicles need sufficient pseudonyms to periodically change for privacy preservation. In this paper, we focus on pseudonym management in GMCC system for vehicular environment. We design a three-layer on-demand pseudonym system to manage the pseudonyms. Moreover, we propose a secure pseudonym distribution scheme for secure communication among vehicles. As the number of demanded pseudonyms varies with traffic loads in different clouds, we use a newsvendor model to address the optimal on-demand pseudonym distribution problem. Numerical results indicate our proposed schemes not only improve utility of the clouds, but also maximize utilization of the pseudonyms.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126201009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Review of Intrusion Detection in 802.15.4-Based Wireless Sensor Networks","authors":"M. Khanafer, Youssef Gahi, M. Guennoun, H. Mouftah","doi":"10.1109/CSCloud.2016.32","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.32","url":null,"abstract":"The widespread deployment of wireless sensor networks (WSNs) in diverse types of applications motivated the development of strong security measures to protect these networks. The main challenge against deploying strong security algorithms is that WSNs suffer from major constraints in terms of power and computing resources. WSNs impose a primary condition on the design stage that requires any protocol or algorithm to be power-efficient. This means that strong cryptography techniques cannot be used and we need another layer of defence to protect the WSN. This makes intrusion detection systems (IDSs) an essential option in these networks. IDSs can capture malicious misbehaviour that manages to penetrate the first layer of defence (i.e., cryptography and authentication). In this paper we highlight the challenges encountered while designing an efficient intrusion detection framework in WSNs, and provide a review of important contributions in this area. Finally, we propose a new approach that aids in detecting and confining intrusive behaviour in the network.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128988765","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Toward a Big Data Architecture for Security Events Analytic","authors":"L. Fetjah, Karim Benzidane, Hassan El Alloussi, Othman El Warrak, Said Jai-Andaloussi, A. Sekkaki","doi":"10.1109/CSCloud.2016.53","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.53","url":null,"abstract":"Cloud Computing did come up with so many attractive advantages such as scalability, flexibility, accessibility, rapid application deployment, and user self service. However in hindsight, Cloud Computing makes ensuring security within these environments so much challenging. Therefore traditional security mechanisms such as firewalls and antivirus softwares have proven insufficient and incapable of dealing with the sheer amount of data and events generated within a Cloud infrastructure. Herein, we present a highly scalable module based system that relies upon Big Data techniques and tools providing a comprehensive solution to process and analyze relevant events (packets flow, logs files) in order to generate an informative decisions that will be handled accordingly and swiftly.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130859522","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Empirical Study of Using Big Data for Business Process Improvement at Private Manufacturing Firm in Cloud Computing","authors":"Ziqi Wang, Haihui Zhao","doi":"10.1109/CSCloud.2016.11","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.11","url":null,"abstract":"The implementations of new technologies have been broadly accepted by multiple industries in recent years, such as big data nad cloud computing. A quick and efficient data mining has become an alternative of creating values ever, the dynamic economic context and continuous changing business envoronment have driven numerous demands and applications in various industries. This phenomenon results in the problem of forming proper strategies in applying big data and cloud computing, which is one of the major challenges of reach the goal of value creations for current enterprises. This paper focuses on this problem and presents an empirical study on the issue of using big data for business process improvements in cloud computing. The investigation target is a Chinese large-size private enterprise that strives to be a global enterpriise in the manufacturing industry. The completed research is based on the real data collected from the collaboration partner. The main findings of this research include two parts:1) the efforts of using big data are varied, which are relatedto the operation levels,2) implementating cloud computing solutions is at an exploring stage for Chinese provate sector due to a few restrictions.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126726449","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An Analysis of Server-Side Design for Seed-Based Mobile Authentication","authors":"Longbin Chen, Li-Chiou Chen, N. Nassar, Meikang Qiu","doi":"10.1109/CSCloud.2016.58","DOIUrl":"https://doi.org/10.1109/CSCloud.2016.58","url":null,"abstract":"With the growing popularity of mobile apps, the security issues of mobile apps become critical. Similar to traditional cyber security, mobile security includes authentication, data integrity, and data privacy. Seed-based authentication is a novel approach for mobile systems. The key idea is to extract seeds from files such as images and generate random numbers for authentication. However, in seed-based authentication, the server side design is different from traditional username-password paradigm. Few work has been done to address server-side issues on seed-based authentication. In this paper, we focus on analyzing server-side design of seed-based authentication. We develop a prototype system and set up experiments to evaluate our server-side design.","PeriodicalId":410477,"journal":{"name":"2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121516100","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}