Biblio

Data integrity and recovery management is a more important issue in cloud computing because data is located in everywhere. There is a big challenge in backup recovery and security. It is required to provide an efficient and more reliable system in data storage. In this paper, a new methodology is focused and proposed data recovery and data management to assure high-level scalability and high order reliability to provide fault recognition and fault tolerance cloud-based systems. We propose a methodology of segmenting data and generating tokens for the data split-up by adding the address of the cloud or locations of the cloud storage using the tailing method. Thus the missing segment of any faulty node is easily recognized within a short range of limits and will get the data backup from the neighboring nodes.

To achieve a substantial reliability and safety level, it is imperative to provide electronic computing systems with appropriate mechanisms to tackle soft errors. This paper proposes a low-cost system-level soft error mitigation technique, which allocates the critical application function to a pool of specific general-purpose processor registers. Both the critical function and the register pool are automatically selected by a developed profiling tool. The proposed technique was validated through more than 320K fault injections considering a Linux kernel, different benchmarks and two multicore ARM processors. Results show that our technique significantly reduces the code size and performance overheads while providing reliability improvement, w.r.t. the Triple Modular Redundancy (TMR) technique.

Using erasure codes increases consumption of network traffic and disk I/O tremendously when systems recover data, resulting in high latency of degraded reads. In order to mitigate this problem, we present an adaptive storage scheme based on data access skew, a fact that most data accesses are applied in a small fraction of data. In this scheme, we use both Local Reconstruction Code (LRC), whose recovery cost is low, to store frequently accessed data, and Hitchhiker (HH) code, which guarantees minimum storage cost, to store infrequently accessed data. Besides, an efficient switching algorithm between LRC and HH code with low network and computation costs is provided. The whole system will benefit from low degraded read latency while keeping a low storage overhead, and code-switching will not become a bottleneck.

The classical key distribution systems used for data transmission in networked microgrids (NMGs) rely on mathematical assumptions, which however can be broken by attacks from quantum computers. This paper addresses this quantum-era challenge by using quantum key distribution (QKD). Specifically, the novelty of this paper includes 1) a QKD-enabled communication architecture it devises for NMGs, 2) a real-time QKD- enabled NMGs testbed it builds in an RTDS environment, and 3) a novel two-level key pool sharing (TLKPS) strategy it designs to improve the system resilience against cyberattacks. Test results validate the effectiveness of the presented strategy, and provide insightful resources for building quantum-secure NMGs.

Data are generated and stored in databases at a very high speed and hence it need to be handled and analyzed properly. Nowadays industries are extensively using Hadoop and Spark to analyze the datasets. Both the frameworks are used for increasing processing speeds in computing huge complex datasets. Many researchers are comparing both of them. Now, the big questions arising are, Is Spark a substitute for Hadoop? Is hadoop going to be replaced by spark in mere future?. Spark is “built on top of” Hadoop and it extends the model to deploy more types of computations which incorporates Stream Processing and Interactive Queries. No doubt, Spark's execution speed is much faster than Hadoop, but talking in terms of fault tolerance, hadoop is slightly more fault tolerant than spark. In this article comparison of various bigdata analytics tools are done and Hadoop and Spark are discussed in detail. This article further gives an overview of bigdata, spark and hadoop issues. In this survey paper, the approaches to resolve the issues of spark and hadoop are discussed elaborately.

In this paper, our objective is to focus on the recent trend of military fields where they brought Internet of Things (IoT) to have better impact on the battlefield by improving the effectiveness and this is called Internet of Battlefield Things(IoBT). Due to the requirements of high computing capability and minimum response time with minimum fault tolerance this paper proposed a decentralized IoBT architecture. The proposed method can increase the reliability in the battlefield environment by searching the reliable nodes among all the edge nodes in the environment, and by adding the fault tolerance in the edge nodes will increase the effectiveness of overall battlefield scenario. This suggested fault tolerance approach is worth for decentralized mode to handle the issue of latency requirements and maintaining the task reliability of the battlefield. Our experimental results ensure the effectiveness of the proposed approach as well as enjoy the requirements of latency-aware military field while ensuring the overall reliability of the network.

As large-scale linear equation systems are pervasive in many scientific fields, great efforts have been done over the last decade in realizing efficient techniques to solve such systems, possibly relying on High Performance Computing (HPC) infrastructures to boost the performance. In this framework, the ever-growing scale of supercomputers inevitably increases the frequency of faults, making it a crucial issue of HPC application development.A previous study [1] investigated the possibility to enhance the Inhibition Method (IMe) -a linear systems solver for dense unstructured matrices-with fault tolerance to single hard errors, i.e. failures causing one computing processor to stop.This article extends [1] by proposing an efficient technique to obtain fault tolerance to multiple hard errors, which may occur concurrently on different processors belonging to the same or different machines. An improved parallel implementation is also proposed, which is particularly suitable for HPC environments and moves towards the direction of a complete decentralization. The theoretical analysis suggests that the technique (which does not require check pointing, nor rollback) is able to provide fault tolerance to multiple faults at the price of a small overhead and a limited number of additional processors to store the checksums. Experimental results on a HPC architecture validate the theoretical study, showing promising performance improvements w.r.t. a popular fault-tolerant solving technique.

This paper describes an approach to the security fault tolerance of access control in which the security breaches of an access control are tolerated by means of a security fault tolerant (SFT) access control. Though an access control is securely designed and implemented, it can contain faults in development or be contaminated in operation. The threats to an access control are analyzed to identify possible security breaches. To tolerate the security breaches, an SFT access control is made to be semantically identical to an access control. Our approach is described using role-based access control (RBAC) and extended access control list (EACL). A healthcare system is used to demonstrate our approach.

We propose a new approach to creating a subject-oriented distributed computing environment. Such an environment is used to support decision-making in solving relevant problems of ensuring energy systems resilience. The proposed approach is based on the idea of advancing and integrating the following important capabilities in supercomputer engineering: continuous integration, delivery, and deployment of the system and applied software, high-performance computing in heterogeneous environments, multi-agent intelligent computation planning and resource allocation, big data processing and geo-information servicing for subject information, including weakly structured data, and decision-making support. This combination of capabilities and their advancing are unique to the subject domain under consideration, which is related to combinatorial studying critical objects of energy systems. Evaluation of decision-making alternatives is carrying out through applying combinatorial modeling and multi-criteria selection rules. The Orlando Tools framework is used as the basis for an integrated software environment. It implements a flexible modular approach to the development of scientific applications (distributed applied software packages).

Cyber-Physical Systems (CPS) have gained considerable interest in the last decade from both industry and academia. Such systems have proven particularly complex and provide considerable challenges to master their design and ensure their functionalities. In this paper, we intend to tackle some of these challenges related to the security and the resilience of CPS at the design level. We initiate a CPS modeling approach to specify such systems structure and behaviors, analyze their inherent properties and to overcome threats in terms of security and correctness. In this initiative, we consider a CPS as a network of entities that communicate through physical and logical channels, and which purpose is to achieve a set of tasks expressed as an ordered tree. Our modeling approach proposes a combination of the Coq theorem prover and the Maude rewriting system to ensure the soundness and correctness of CPS design. The introduced solution is illustrated through an automobile manufacturing case study.

The blockchain technology revolution and the use of blockchains in various applications have resulted in many companies and programmers developing and customizing specific fit-for-purpose consensus algorithms. Security and performance are determined by the chosen consensus algorithm; hence, the reliability and security of these algorithms must be assured and tested, which requires an understanding of all the security assumptions that make such algorithms correct and byzantine fault-tolerant.This paper studies the "security ingredients" that enable a given consensus algorithm to achieve safety, liveness, and byzantine fault tolerance (BFT) in both permissioned and permissionless blockchain systems. The key contributions of this paper are the organization of these requirements and a new taxonomy that describes the requirements for security. The CAP Theorem is utilized to explain important tradeoffs between consistency and availability in consensus algorithm design, which are crucial depending on the specific application of a given algorithm. This topic has also been explored previously by De Angelis. However, this paper expands that prior explanation and dilemma of consistency vs. availability and then combines this with Buterin's Trilemma to complete the overall exposition of tradeoffs.

The intelligent electronic devices widely deployed across the distribution network are inevitably making the feeder automation (FA) system more vulnerable to cyber-attacks, which would lead to disastrous socio-economic impacts. This paper proposes a three-stage game-theoretic framework that the defender allocates limited security resources to minimize the economic impacts on FA system while the attacker deploys limited attack resources to maximize the corresponding impacts. Meanwhile, the probability of successful attack is calculated based on the Bayesian attack graph, and a fault-tolerant location technique for centralized FA system is elaborately considered during analysis. The proposed game-theoretic framework is converted into a two-level zero-sum game model and solved by the particle swarm optimization (PSO) combined with a generalized reduced gradient algorithm. Finally, the proposed model is validated on distribution network for RBTS bus 2.

Software-defined networks (SDN), through their programmability, significantly increase network resilience by enabling dynamic reconfiguration of network topologies in response to faults and potentially malicious attacks detected in real-time. Another key trend in network softwarization is cloud-native software, which, together with SDN, will be an integral part of the core of future 5G networks. In SDN, the control plane forms the "brain" of the software-defined network and is typically implemented as a set of distributed controller replicas to avoid a single point of failure. Distributed consensus algorithms are used to ensure agreement among the replicas on key data even in the presence of faults. Security is also a critical concern in ensuring that attackers cannot compromise the SDN control plane; byzantine fault tolerance algorithms can provide protection against compromised controller replicas. However, while reliability/availability and security form key attributes of resilience, they are typically modeled separately in SDN, without consideration of the potential impacts of their interaction. In this paper we present an initial framework for a model that unifies reliability, availability, and security considerations in distributed consensus. We examine – via simulation of our model – some impacts of the interaction between accidental faults and malicious attacks on SDN and suggest potential mitigations unique to cloud-native software.

Wireless Personal Area Network is widely used in day to day life. It might be a static or dynamic environment. As the density of the nodes increases it becomes difficult to handle the situation. The need of multiple sensor node technology in a desired environment without congestion is required. The use of autonomic network provides one such solution. The autonomicity combines the local automate and address agnostic features that controls the congestion resulting in improved throughput, fault tolerance and also with unicast and multicast packets delivery. The algorithm LA based ANA in a Bluetooth based dynamic environment provide 20% increase in throughput compared with LACAS based Wireless Sensor Network. The LA based ANA leads with 10% lesser fault tolerance levels and extended unicast and multi-cast packet delivery.

Cloud Storage Brokers (CSB) provide seamless and concurrent access to multiple Cloud Storage Services (CSS) while abstracting cloud complexities from end-users. However, this multi-cloud strategy faces several security challenges including enlarged attack surfaces, malicious insider threats, security complexities due to integration of disparate components and API interoperability issues. Novel security approaches are imperative to tackle these security issues. Therefore, this paper proposes CS-BAuditor, a novel cloud security system that continuously audits CSB resources, to detect malicious activities and unauthorized changes e.g. bucket policy misconfigurations, and remediates these anomalies. The cloud state is maintained via a continuous snapshotting mechanism thereby ensuring fault tolerance. We adopt the principles of chaos engineering by integrating BrokerMonkey, a component that continuously injects failure into our reference CSB system, CloudRAID. Hence, CSBAuditor is continuously tested for efficiency i.e. its ability to detect the changes injected by BrokerMonkey. CSBAuditor employs security metrics for risk analysis by computing severity scores for detected vulnerabilities using the Common Configuration Scoring System, thereby overcoming the limitation of insufficient security metrics in existing cloud auditing schemes. CSBAuditor has been tested using various strategies including chaos engineering failure injection strategies. Our experimental evaluation validates the efficiency of our approach against the aforementioned security issues with a detection and recovery rate of over 96 %.

The anonymity and decentralization of Bitcoin make it widely accepted in illegal transactions, such as money laundering, drug and weapon trafficking, gambling, to name a few, which has already caused significant security risk all around the world. The obvious de-anonymity approach that matches transaction addresses and users is not possible in practice due to limited annotated data set. In this paper, we divide addresses into four types, exchange, gambling, service, and general, and propose targeted addresses identification algorithms with high fault tolerance which may be employed in a wide range of applications. We use network representation learning to extract features and train imbalanced multi-classifiers. Experimental results validated the effectiveness of the proposed method.

Wireless communications have encountered a considerable improvement and have integrated human life through various applications, mainly by the widespread of mobile ad hoc and sensor networks. A fundamental characteristic of wireless communications are in their broadcast nature, which allows accessibility of information without placing restrictions on a user's location. However, accessibility also makes wireless communications vulnerable to eavesdropping. To enhance the security of network communication, we propose a separate key generation server which is responsible for key generation using complex random algorithm. The key will remain in database in encrypted format. To prevent brute force attack, we propose various group key generation algorithms in which every group will have separate group key to verify group member's identity. The group key will be verified with the session information before decryption, so that our system will prevent attack if any attacker knows the group key. To increase the security of the system, we propose three level encryption securities: Client side encryption using AES, Server side encryption using AES, and Artificial noise generation and addition. By using this our system is free from brute force attack as we are using three level message security and complex Random key generation algorithms.

The majority of security breaches in cloud infrastructure in recent years are caused by human errors and misconfigured resources. Novel security models are imperative to overcome these issues. Such models must be customer-centric, continuous, not focused on traditional security paradigms like intrusion detection and adopt proactive techniques. Thus, this paper proposes CloudStrike, a cloud security system that implements the principles of Chaos Engineering to enable the aforementioned properties. Chaos Engineering is an emerging discipline employed to prevent non-security failures in cloud infrastructure via Fault Injection Testing techniques. CloudStrike employs similar techniques with a focus on injecting failures that impact security i.e. integrity, confidentiality and availability. Essentially, CloudStrike leverages the relationship between dependability and security models. Preliminary experiments provide insightful and prospective results.

With the growing number of electronic features in cars and their connections to the cloud, smartphones, road-side equipment, and neighboring cars the need for effective cybersecurity is paramount. Beyond the concern of brand degradation, warranty fraud, and recalls, what keeps manufacturers up at night is the threat of malicious attacks which can affect the safety of vehicles on the road. Would any single protection technique provide the security needed over the long lifetime of a vehicle? We present a new methodology for automotive cybersecurity where the designs are made to withstand attacks in the future based on the concepts of high availability and malicious fault-tolerance through self-defending techniques. When a system has an intrusion, self-defending technologies work to contain the breach using integrity verification, self-healing, and fail-over techniques to keep the system running.

Providing fault tolerance in Mobile Ad hoc Networks (MANETs) is very tricky activity as nodes migrate from one place to other place and changes network topology. Also MANET is very susceptible for various attacks like DoS attacks etc. So providing security to MANET is also very difficult job. Multipath protocols provide better results than unipath protocols. Multipath protocols provide fault tolerance but many multipath protocols for MANETs not targeted security issues. Distributed and cooperative security that means Intrusion Detection System (IDS) gives better security to MANETs. In this paper we have discussed many confronts and concerns regarding fault tolerance and IDS.

Cyber physical system (CPS) is often deployed at safety-critical key infrastructures and fields, fault tolerance policies are extensively applied in CPS systems to improve its credibility; the same physical backup of hardware redundancy (SPB) technology is frequently used for its simple and reliable implementation. To resolve challenges faced with in simulation test of SPB-CPS, this paper dynamically determines the test resources matched with the CPS scale by using the adaptive allocation policies, establishes the hierarchical models and inter-layer message transmission mechanism. Meanwhile, the collaborative simulation time sequence push strategy and the node activity test mechanism based on the sliding window are designed in this paper to improve execution efficiency of the simulation test. In order to validate effectiveness of the method proposed in this paper, we successfully built up a fault-tolerant CPS simulation platform. Experiments showed that it can improve the SPB-CPS simulation test efficiency.

With increasing integration in SoCs, the Network-on-Chip (NoC) connecting cores and accelerators is of paramount importance to provide low-latency and high-throughput communication. Due to limits to scaling of electrical wires in terms of energy and delay, especially for long multi-mm distances on-chip, alternate technologies such as Wireless Network-on-Chip (WNoC) have shown promise. WNoCs can provide low-latency one-hop broadcasts across the entire chip and can augment point-to-point multi-hop signaling over traditional wired NoCs. Thus, there has been a recent surge in research demonstrating the performance and energy benefits of WNoCs. However, little to no work has studied the additional security and fault tolerance challenges that are unique to WNoCs. In this work, we study potential threats related to denial-of-service, spoofing, and eavesdropping attacks in WNoCs, due to malicious hardware trojans or faulty wireless components. We introduce Prometheus, a dropin solution inside the network interface that provides protection from all three attacks, while adhering to the strict area, power and latency constraints of on-chip systems.

Numerous IoT applications, like building automation or process control of industrial sites, exist today. These applications inherently have a strong connection to the physical world. Hence, IT security threats cannot only cause problems like data leaks but also safety issues which might harm people. Attacks on IT systems are not only performed by outside attackers but also insiders like administrators. For this reason, we present ongoing work on a Byzantine fault tolerant configuration management system (CMS) that provides control over administrators, restrains their rights, and enforces separation of concerns. We reach this goal by conducting a configuration management process that requires multi-party authorization for critical configurations to prevent individual malicious administrators from performing undesired actions. Only after a configuration has been authorized by multiple experts, it is applied to the targeted devices. For the whole configuration management process, our CMS guarantees accountability and traceability. Lastly, our system is tamper-resistant as we leverage Hyperledger Fabric, which provides a distributed execution environment for our CMS and a blockchain-based distributed ledger that we use to store the configurations. A beneficial side effect of this approach is that our CMS is also suitable to manage configurations for infrastructure shared across different organizations that do not need to trust each other.

Functionally safe control logic design without full duplication is difficult due to the complexity of random control logic. The Reorder buffer (ROB) is a control logic function commonly used in high performance computing systems. In this study, we focus on a safe ROB design used in an industry quality Network-on-Chip (NoC) Advanced eXtensible Interface (AXI) Network Interface (NI) block. We developed and applied area efficient safe design techniques including partial duplication, Error Detection Code (EDC) and invariance checking with formal proofs and showed that we can achieve a desired safe Diagnostic Coverage (DC) requirement with small area and power overheads and no performance degradation.

Delivery service via ridesharing is a promising service to share travel costs and improve vehicle occupancy. Existing ridesharing systems require participating vehicles to periodically report individual private information (e.g., identity and location) to a central controller, which is a potential central point of failure, resulting in possible data leakage or tampering in case of controller break down or under attack. In this paper, we propose a Blockchain secured ridesharing delivery system, where the immutability and distributed architecture of the Blockchain can effectively prevent data tampering. However, such tamper-resistance property comes at the cost of a long confirmation delay caused by the consensus process. A Hash-oriented Practical Byzantine Fault Tolerance (PBFT) based consensus algorithm is proposed to improve the Blockchain efficiency and reduce the transaction confirmation delay from 10 minutes to 15 seconds. The Hash-oriented PBFT effectively avoids the double-spending attack and Sybil attack. Security analysis and simulation results demonstrate that the proposed Blockchain secured ridesharing delivery system offers strong security guarantees and satisfies the quality of delivery service in terms of confirmation delay and transaction throughput.