Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model.it is increasing attracting huge attention both in academic research and industrial initiatives. Cloud deployments are paramount for institution and organizations of all scales. The availability of a flexible, free open source cloud platform designed with no propriety software and the ability of its integration with legacy systems and third-party applications are fundamental. Open stack is a free and opensource software released under the terms of Apache license with a fragmented and distributed architecture making it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack Multi-node cloud infrastructure and conducting Penetration testing on OpenStack Services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution.Comment: 38 pages, 19 figures

Volcanic Hot-Spot Detection Using SENTINEL-2: A Comparison with MODIS−MIROVA Thermal Data Series

In the satellite thermal remote sensing, the new generation of sensors with high-spatial resolution SWIR data open the door to an improved constraining of thermal phenomena related to volcanic processes, with strong implications for monitoring applications. In this paper, we describe a new hot-spot detection algorithm developed for SENTINEL-2/MSI data that combines spectral indices on the SWIR bands 8a-11-12 (with a 20-meter resolution) with a spatial and statistical analysis on clusters of alerted pixels. The algorithm is able to detect hot-spot-contaminated pixels (S2Pix) in a wide range of environments and for several types of volcanic activities, showing high accuracy performances of about 1% and 94% in averaged omission and commission rates, respectively, underlining a strong reliability on a global scale. The S2-derived thermal trends, retrieved at eight key-case volcanoes, are then compared with the Volcanic Radiative Power (VRP) derived from MODIS (Moderate Resolution Imaging Spectroradiometer) and processed by the MIROVA (Middle InfraRed Observation of Volcanic Activity) system during an almost four-year-long period, January 2016 to October 2019. The presented data indicate an overall excellent correlation between the two thermal signals, enhancing the higher sensitivity of SENTINEL-2 to detect subtle, low-temperature thermal signals. Moreover, for each case we explore the specific relationship between S2Pix and VRP showing how different volcanic processes (i.e., lava flows, domes, lakes and open-vent activity) produce a distinct pattern in terms of size and intensity of the thermal anomaly. These promising results indicate how the algorithm here presented could be applicable for volcanic monitoring purposes and integrated into operational systems. Moreover, the combination of high-resolution (S2/MSI) and moderate-resolution (MODIS) thermal timeseries constitutes a breakthrough for future multi-sensor hot-spot detection systems, with increased monitoring capabilities that are useful for communities which interact with active volcanoes

Design of Hybrid Network Anomalies Detection System (H-NADS) Using IP Gray Space Analysis

In Network Security, there is a major issue to secure the public or private network from abnormal users. It is because each network is made up of users, services and computers with a specific behavior that is also called as heterogeneous system. To detect abnormal users, anomaly detection system (ADS) is used. In this paper, we present a novel and hybrid Anomaly Detection System with the uses of IP gray space analysis and dominant scanning port identification heuristics used to detect various anomalous users with their potential behaviors. This methodology is the combination of both statistical and rule based anomaly detection which detects five types of anomalies with their three types of potential behaviors and generates respective alarm messages to GUI.Network Security, Anomaly Detection, Suspicious Behaviors Detection