Biblio

Wireless Sensor networks can be composed of smart buildings, smart homes, smart grids, and smart mobility, and they can even interconnect all these fields into a large-scale smart city network. Software-Defined Networking is an ideal technology to realize Internet-of-Things (IoT) Network and WSN network requirements and to efficiently enhance the security of these networks. Software defines Networking (SDN) is used to support IoT and WSN related networking elements, additional security concerns rise, due to the elevated vulnerability of such deployments to specific types of attacks and the necessity of inter-cloud communication any IoT application would require. This work is a study of different security mechanisms available in SDN for IoT and WSN network secure communication. This work also formulates the problems when existing methods are implemented with different networks parameters.

Cloud computing forms the backbone of the era of automation and the Internet of Things (IoT). It offers computing and storage-based services on consumption-based pricing. Large-scale datacenters are used to provide these service and consumes enormous electricity. Datacenters contribute a large portion of the carbon footprint in the environment. Through virtual machine (VM) consolidation, datacenter energy consumption can be reduced via efficient resource management. VM selection policy is used to choose the VM that needs migration. In this research, we have proposed PbV mSp: A priority-based VM selection policy for VM consolidation. The PbV mSp is implemented in cloudsim and evaluated compared with well-known VM selection policies like gpa, gpammt, mimt, mums, and mxu. The results show that the proposed PbV mSp selection policy has outperformed the exisitng policies in terms of energy consumption and other metrics.

The data of large-scale distributed demand-side iot devices are gradually migrated to the cloud. This cloud deployment mode makes it convenient for IoT devices to participate in the interaction between supply and demand, and at the same time exposes various vulnerabilities of IoT devices to the Internet, which can be easily accessed and manipulated by hackers to launch large-scale DDoS attacks. As an easy-to-understand supervised learning classification algorithm, KNN can obtain more accurate classification results without too many adjustment parameters, and has achieved many research achievements in the field of DDoS detection. However, in the face of high-dimensional data, this method has high operation cost, high cost and not practical. Aiming at this disadvantage, this chapter explores the potential of classical KNN algorithm in data storage structure, K-nearest neighbor search and hyperparameter optimization, and proposes an improved KNN algorithm for DDoS attack detection of demand-side IoT devices.

Named in-network computing is an emerging technology of Named Data Networking (NDN). Through deploying the named computing services/functions on NDN router, the router can utilize its free resources to provide nearby computation for users while relieving the pressure of cloud and network edge. Benefitted from the characteristic of named addressing, named computing services/functions can be easily discovered and migrated in the network. To implement named in-network computing, integrating the computing services as Virtual Machines (VMs) into the software router is a feasible way, but how to effectively deploy the service VMs to optimize the local processing capability is still a challenge. Focusing on this problem, we first give the design of NDN-enabled software router in this paper, then propose a service earning based named service deployment scheme (SE-NSD). For available service VMs, SE-NSD not only considers their popularities but further evaluates their service earnings (processed data amount per CPU cycle). Through modelling the deployment problem as the knapsack problem, SE-NSD determines the optimal service VMs deployment scheme. The simulation results show that, comparing with the popularity-based deployment scheme, SE-NSD can promote about 30% in-network computing capability while slightly reducing the service invoking RTT of user.

As an important pillar of social informatization, e-government not only provides more convenient services for the public, but also effectively improves administrative efficiency. At the same time, the application of cloud computing technology also urgently requires the government to improve the level of digital construction. This paper proposes the concept of e-government based on cloud computing, analyze the possible hidden dangers that cloud computing brings to e-government in management, technology, and security, and build cloud computing e-government information security system from three aspects: cloud security management, cloud security technology, and cloud security assurance.

With the introduction of the national “carbon peaking and carbon neutrality” strategic goals and the accelerated construction of the new generation of power systems, cloud applications built on advanced IT technologies play an increasingly important role in meeting the needs of digital power business. In view of the characteristics of the current power industrial control system operation support cloud platform with wide coverage, large amount of log data, and low analysis intelligence, this paper proposes a cloud platform network security behavior audit method based on FP-Growth association rule algorithm, aiming at the uniqueness of the operating data of the cloud platform that directly interacts with the isolated system environment of power industrial control system. By using the association rule algorithm to associate and classify user behaviors, our scheme formulates abnormal behavior judgment standards, establishes an automated audit strategy knowledge base, and improves the security audit efficiency of power industrial control system operation support cloud platform. The intelligent level of log data analysis enables effective discovery, traceability and management of internal personnel operational risks.

The Cloud Native paradigm has quickly emerged as a new trend in Web Services architectures. Applications are now developed as a network of microservices and functions that can be quickly re-deployed anywhere, decoupled from their state. In this scenario, workloads are usually packaged as container images that can be quickly provisioned anywhere in a provider web service. To enforce security, traditional Docker container runtime mechanisms are now being enhanced by stronger isolation techniques such as lightweight hardware level virtualization. Such sandboxing inserts a strong boundary - the guest space - and therefore security containers do not share filesystem semantics with the host Operating System. However, the existing container storage drivers are designed and optimized to run directly on the host. In this paper we bridge the gap between traditional containers and virtualized containers. We present Deverlay, a container storage driver that prepares a block-based container root filesystem view, targeting lightweight Virtual Machines and keeping host native execution compatibility. We show that, in contrast to other block-based drivers, Deverlay can boot 80 micro VM containers in less than 4s by efficiently sharing host cache buffers among containers and reducing I/O disk access by 97.51 %.

With the popularization of cloud computing and the deepening of its application, more and more cloud block storage systems have been put into use. The performance optimization of cloud block storage systems has become an important challenge facing today, which is manifested in the reduction of system performance caused by the unbalanced resource load of cloud block storage systems. Accurately predicting the I/O load status of the cloud block storage system can effectively avoid the load imbalance problem. However, the cloud block storage system has the characteristics of frequent random reads and writes, and a large amount of I/O requests, which makes prediction difficult. Therefore, we propose a novel I/O load prediction method for XB-IOPS feature engineering. The feature engineering is designed according to the I/O request pattern, I/O size and I/O interference, and realizes the prediction of the actual load value at a certain moment in the future and the average load value in the continuous time interval in the future. Validated on a real dataset of Alibaba Cloud block storage system, the results show that the XB-IOPS feature engineering prediction model in this paper has better performance in Alibaba Cloud block storage devices where random I/O and small I/O dominate. The prediction performance is better, and the prediction time is shorter than other prediction models.

The expansion of the internet has resulted in huge growth in every industry. It does, however, have a substantial impact on the downsides. Because of the internet's rapid growth, personally identifiable information (PII) should be kept secure in the coming years. Obtaining someone's personal information is rather simple nowadays. There are some established methods for keeping our personal information private. Further, it is essential because we must provide our identity cards to someone for every verification step. In this paper, we will look at some of the attempted methods for protecting our identities. We will highlight the research gaps and potential future enhancements in the research for more enhanced security based on our literature review.

Cloud computing has been widely used because of its low price, high reliability, and generality of services. However, considering that cloud computing transactions between users and service providers are usually asynchronous, data privacy involving users and service providers may lead to a crisis of trust, which in turn hinders the expansion of cloud computing applications. In this paper, we propose DPP, a data privacy-preserving cloud computing scheme based on homomorphic encryption, which achieves correctness, compatibility, and security. DPP implements data privacy-preserving by introducing homomorphic encryption. To verify the security of DPP, we instantiate DPP based on the Paillier homomorphic encryption scheme and evaluate the performance. The experiment results show that the time-consuming of the key steps in the DPP scheme is reasonable and acceptable.

Cloud computing plays major role in the development of accessing clouduser’s document and sensitive information stored. It has variety of content and representation. Cyber security and attacks in the cloud is a challenging aspect. Information security attains a vital part in Cyber Security management. It involves actions intended to reduce the adverse impacts of such incidents. To access the documents stored in cloud safely and securely, access control will be introduced based on cloud users to access the user’s document in the cloud. To achieve this, it is highly required to combine security components (e.g., Access Control, Usage Control) in the security document to get automatic information. This research work has proposed a Role Key Homomorphic Encryption Algorithm (RKHEA) to monitor the cloud users, who access the services continuously. This method provides access creation of session-based key to store the singularized encryption to reduce the key size from random methods to occupy memory space. It has some terms and conditions to be followed by the cloud users and also has encryption method to secure the document content. Hence the documents are encrypted with the RKHEA algorithm based on Service Key Access (SKA). Then, the encrypted key will be created based on access control conditions. The proposed analytics result shows an enhanced control over the documents in cloud and improved security performance.

Cloud computing is preferred because of its numerous improvements, such as data security, low maintenance cost, unlimited storage capacity and consistent backups. However, legitimate users take advantage of cloud storage services for storing a considerable amount of sensitive data. After storing data on the cloud, data users pass on control over data to cloud administrators. Although for assuring data security, sensitive information needs to be encrypted before deploying it on the cloud server. In traditional searchable encryption, encrypted data can be searched using keywords on a cloud server without knowing data details, and users can retrieve certain specific files of interest after authentication. However, the results are only related to the exact matching keyword searches. This drawback affects system usability and efficiency, due to which existing encryption methods are unsuitable in cloud computing. To avoid the above problems, this study includes as follows: Firstly, we analyze all fuzzy keyword search techniques that are wildcard based, gram based and trie-traverse. Secondly, we briefly describe certificateless cryptography and suggest a certificateless searchable encryption scheme. Finally, this study gives easy access to developing a fuzzy keyword searchable system for a new researcher to combine the above two points. It provides easy access and efficient search results.

Recently, internet services have increased rapidly due to the Covid-19 epidemic. As a result, cloud computing applications, which serve end-users as subscriptions, are rising. Cloud computing provides various possibilities like cost savings, time and access to online resources via the internet for end-users. But as the number of cloud users increases, so does the potential for attacks. The availability and efficiency of cloud computing resources may be affected by a Distributed Denial of Service (DDoS) attack that could disrupt services' availability and processing power. DDoS attacks pose a serious threat to the integrity and confidentiality of computer networks and systems that remain important assets in the world today. Since there is no effective way to detect DDoS attacks, it is a reliable weapon for cyber attackers. However, the existing methods have limitations, such as relatively low accuracy detection and high false rate performance. To tackle these issues, this paper proposes a Deep Generative Radial Neural Network (DGRNN) with a sigmoid activation function and Mutual Information Gain based Feature Selection (MIGFS) techniques for detecting DDoS attacks for the cloud environment. Specifically, the proposed first pre-processing step uses data preparation using the (Network Security Lab) NSL-KDD dataset. The MIGFS algorithm detects the most efficient relevant features for DDoS attacks from the pre-processed dataset. The features are calculated by trust evaluation for detecting the attack based on relative features. After that, the proposed DGRNN algorithm is utilized for classification to detect DDoS attacks. The sigmoid activation function is to find accurate results for prediction in the cloud environment. So thus, the proposed experiment provides effective classification accuracy, performance, and time complexity.

Smart home automation is one of the prominent topics of the current era, which has attracted the attention of researchers for several years due to smart home automation contributes to achieving many capabilities, which have had a real and vital impact on our daily lives, such as comfort, energy conservation, environment, and security. Home security is one of the most important of these capabilities. Many efforts have been made on research and articles that focus on this area due to the increased rate of crime and theft. The present paper aims to build a practically implemented smart home that enhances home control management and monitors all home entrances that are often vulnerable to intrusion by intruders and thieves. The proposed system depends on identifying the person using the face detection and recognition method and Radio Frequency Identification (RFID) as a mechanism to enhance the performance of home security systems. The cloud server analyzes the received member identification to retrieve the permission to enter the home. The system showed effectiveness and speed of response in transmitting live captures of any illegal intrusive activity at the door or windows of the house. With the growth and expansion of the concept of smart homes, the amount of information transmitted, information security weakness, and response time disturbances, to reduce latency, data storage, and maintain information security, by employing Fog computing architecture in smart homes as a broker between the IoT layer and the cloud servers and the user layer.

Securing optical edge devices across an optical network is a critical challenge for the technological capabilities of fog/cloud computing. Locating and blocking rogue devices from transmitting data frames in an optical network is a significant security problem due to their widespread distribution over the optical fog cloud. A malicious actor might simply compromise such a device and execute assaults that degrade the optical channel’s Quality. In this study, we advocate an innovative framework for the use of an optical network to facilitate cloud and fog computing in a safe environment. This framework is sustainable and able to detect hostile equipment in optical fog and cloud and redirect it to a honeypot, where the assault may be halted and analyzed. To do this, it employs a model based on a two-stage hidden Markov, a fog manager based on an intrusion detection system, and an optical virtual honeypot. An internal assault is mitigated by simulated testing of the suggested system. The findings validate the adaptable and affordable access for cloud computing and optical fog.

Cloud computing is a new term that refers to the service provisioned over the Internet. It is considered one of the foremost prevailing standards within the Data Innovation (IT) industry these days. It offers capable handling and capacity assets as on-demand administrations at diminished fetched, and progressed productivity. It empowers sharing computing physical assets among cloud computing tents and offers on-demand scaling with taken toll effectiveness. Moreover, cloud computing plays an important role in data centers because they house virtually limitless computational and storage capacities that businesses and end-users can access and use via the Internet. In the context of cloud computing, fog computing refers to bringing services to the network’s edge. Fog computing gives cloud-like usefulness, such as information capacity space, systems, and compute handling control, yet with a more noteworthy scope and nearness since fog nodes are found close to d-user edge gadgets, leveraging assets and diminishing inactivity. The concepts of cloud computing and fog computing will be explored in this paper, and their features will be contrasted to determine the differences between them. Over 25 factors have been used to compare them.

Fog computing is defined as a decentralized infrastructure that locations storage and processing aspects at the side of the cloud, the place records sources such as software customers and sensors exist. The Fog Computing is the time period coined via Cisco that refers to extending cloud computing to an area of the enterprise’s network. Thus, it is additionally recognized as Edge Computing or Fogging. It allows the operation of computing, storage, and networking offerings between give up units and computing facts centers. Fog computing is defined as a decentralized infrastructure that locations storage and processing aspects at the side of the cloud, the place records sources such as software customers and sensors exist. The fog computing Intelligence as Artificial Intelligence (AI) is furnished by way of Fog Nodes in cooperation with Clouds. In Fog Nodes several sorts of AI studying can be realized - such as e.g., Machine Learning (ML), Deep Learning (DL). Thanks to the Genius of Fog Nodes, for example, we communicate of Intelligent IoT.

The Internet of Things (IoT) technology has revolutionized the world where anything is smartly connected and is accessible. The IoT makes use of cloud computing for processing and storing huge amounts of data. In some way, the concept of fog computing has emerged between cloud and IoT devices to address the issue of latency. When a fog node exchanges data for completing a particular task, there are many security and privacy risks. For example, offloading data to a rogue fog node might result in an illegal gathering or modification of users' private data. In this paper, we rely on trust to detect and detach bad fog nodes. We use a Mamdani fuzzy method and we consider a hospital scenario with many fog servers. The aim is to identify the malicious fog node. Metrics such as latency and distance are used in evaluating the trustworthiness of each fog server. The main contribution of this study is identifying how fuzzy logic configuration could alter the trust value of fog nodes. The experimental results show that our method detects the bad fog device and establishes its trustworthiness in the given scenario.

In the information era, knowledge is becoming increasingly significant for all industries, especially criminal investigation that deeply relies on intelligence and strategies. Therefore, there is an urgent need for effective management and utilization of criminal investigation knowledge. As an important branch of knowledge engineering, the expert system can simulate the thinking pattern of an expert, proposing strategies and solutions based on the knowledge stored in the knowledge base. A crucial step in building the expert system is to construct the knowledge base, which determines the function and capability of the expert system. This paper establishes a practical knowledge base for criminal investigation, combining the technologies of cloud computing with traditional method of manual entry to acquire and process knowledge. The knowledge base covers data information and expert knowledge with detailed classification of rules and cases, providing answers through comparison and reasoning. The knowledge becomes more accurate and reliable after repeated inspection and verification by human experts.

Cloud computing is becoming a demanding technology due to its flexibility, sensibility and remote accessibility. Apart from these applications of cloud computing, privacy and security are two terms that pose a circumstantial discussion. Various authors have argued on this topic that cloud computing is more secure than other data sharing and storing methods. The conventional data storing system is a computer system or smartphone storage. The argument debate also states that cloud computing is vulnerable to enormous types of attacks which make it a more concerning technology. This current study has also tried to draw the circumstantial and controversial debate on the security and privacy system of cloud computing. Primary research has been conducted with 65 cloud computing experts to understand whether a cloud computing security technique is highly secure or not. An online survey has been conducted with them where they provided their opinions based on the security and privacy system of cloud computing. Findings showed that no particular technology is available which can provide maximum security. Although the respondents agreed that blockchain is a more secure cloud computing technology; however, the blockchain also has certain threats which need to be addressed. The study has found essential encryption systems that can be integrated to strengthen security; however, continuous improvement is required.

With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can access vitals and sensitive physiological information about the patients and provide proper treatment to improve the quality of life through the RPM network. However, the wireless nature of communication in the RPM network makes it challenging to design an efficient mechanism for secure communication. Many authentication schemes have been proposed in recent years to ensure the security of the RPM network. Pseudonym, digital signature, and Authenticated Key Exchange (AKE) protocols are used for the Internet of Medical Things (IoMT) to develop secure authorization and privacy-preserving communication. However, traditional authentication protocols face overhead challenges due to maintaining a large set of key-pairs or pseudonyms results on the hospital cloud server. In this research work, we identify this research gap and propose a novel secure and efficient privacy-preserving authentication scheme using cuckoo filters for the RPM network. The use of cuckoo filters in our proposed scheme provides an efficient way for mutual anonymous authentication and a secret shared key establishment process between medical professionals and patients. Moreover, we identify the misbehaving sensor nodes using a correlation-based anomaly detection model to establish secure communication. The security analysis and formal security validation using SPAN and AVISPA tools show the robustness of our proposed scheme against message modification attacks, replay attacks, and man-in-the-middle attacks.

Any Big Data scenario eventually reaches scalability concerns for several factors, often storage or computing power related. Modern solutions have been proven to be effective in multiple domains and have automated many aspects of the Big Data pipeline. In this paper, we aim to present a solution for deploying event-based automated data processing tools for low code environments that aim to minimize the need for user input and can effectively handle common data processing jobs, as an alternative to distributed solutions which require language specific libraries and code. Our architecture uses a combination of a network exposed service with a cluster of “Data Workers” that handle data processing jobs effectively without requiring manual input from the user. This system proves to be effective at handling most data processing scenarios and allows for easy expandability by following simple patterns when declaring any additional jobs.

Aim: Data is secured in the cloud using Elliptic Curve Cryptography (ECC) compared with Advanced Encryption Standard (AES) with improved time efficiency. Materials and Methods: Encryption and decryption time is performed with files stored in the cloud. Protecting data with improved time efficiency is carried out using ECC where the number of samples (\textbackslashmathrmN=6) and AES (\textbackslashmathrmN=6), obtained using the G-power value of 80%. Results: Mean time of ECC is 0.1683 and RSA is 0.7517. Significant value for the proposed system is 0.643 (\textbackslashmathrmp \textgreater 0.05). Conclusion: Within the limit of study, ECC performs faster in less consumption time when compared to AES.

Nowadays, cloud computing has become one of the most important and easily available storage options. This paper represents providing a platform where the data redundancy and the data security is maintained. Materials and Methods: This study contains two groups, the elliptic curve cryptography is developed in group 1 with 480 samples and advanced encryption is developed in group 2 with 960 samples. The accuracy of each of the methods is compared for different sample sizes with G power value as 0.8. Result: Advanced elliptic curve cryptography algorithm provides 1.2 times better performance compared to conventional elliptic curve cryptography algorithm for various datasets. The results were obtained with a significance value of 0.447 (p\textgreater0.05). Conclusion: From the obtained results the advanced elliptic curve cryptography algorithm seems to be better than the conventional algorithm.

Cloud Computing revolutionize the usage of Internet of Things enabled devices integrated via Internet. Providing everything in an outsourced fashion, Cloud also lends infrastructures such as storage. Though cloud makes it easy for us to store and access the data faster and easier, yet there exist various security and privacy risks. Such issues if not handled may become more threatening as it could even disclose the privacy of an individual/ organization. Strengthening the security of data is need of the hour. The work proposes a novel architecture enhancing the security of Cloud data in an IoT integrated environment. In order to enhance the security, systematic use of a modified hybrid mechanism based on DNA code and Elliptic Curve Cryptography along with Third Party Audit is proposed. The performance of the proposed mechanism has been analysed. The results ensures that proposed IoT Cloud architecture performs better while providing strong security which is the major aspect of the work.