Modeling software architecture design on data storage security in cloud computing environments

Cloud-based computation is known as the source architecture of the upcoming generation of IT enterprise. In context to up-coming trade solutions, the Information Technology sections are established under logical, personnel, and physical control, it transfers application software and large database to appropriate data centers, where security and management of database with services are not trustworthy fully. So this process may face many challenges towards society and organizations and that not been well understood over a while duration. This becomes one of the major challenges days today. So in this research, it focuses on security-based data storage using cloud, which plays one of the important aspects bases on qualities of services. To assure user data correctness in the cloud system, a flexible and effective distributed technique with two different salient features was examined by utilizing the token called homomorphic with erasure-coded data for distributed verification, based on this technique it achieved error data localization and integration of storage correctness. Also, it identifies server misbehaving, efficient, and security-based dynamic operations on data blocking such as data append, delete, and update methods. Performance analysis and security show the proposed method is more effective resilient and efficient against Byzantine failure, even server colluding attacks and malicious data modification attacks

Arquitectura master-slave i multiMaster en Oracle

Aquest projecte buscava estudiar els tipus de sistemes distribuïts disponibles al sistema de gestió de bases de dades relacionals Oracle Database. Aquest potent sistema de gestió de bases de dades és el més utilitzat mundialment i permet administrar diferents tipus de sistemes distribuïts. L'objectiu principal d'aquest estudi és aplicar les arquitectures de replicació Master-slave i Multi-master al sistema Oracle Database utilitzant els mètodes que el sistema proporciona. Aquestes arquitectures són tipus d'estructures de replicació de dades en què es poden basar els sistemes distribuïts. Aquests sistemes garanteixen una major disponibilitat i seguretat a les dades, i augmenten el rendiment del sistema.This project sought to study the different types of distributed systems available in the Oracle Database relational database management system. This powerful database management system is the most widely used worldwide and allows you to manage different types of distributed systems. The main goal of this study is to apply the Master-slave and Multi-master replication architectures to the Oracle Database system using the methods provided by the database management system (DMBS). These architectures are types of data replication structures on which distributed systems can be based. These systems ensure greater availability and security of data, and increase system performance.Este proyecto buscaba estudiar los tipos de sistemas distribuidos disponibles en el sistema de gestión de bases de datos relacionales Oracle Database. Este potente sistema de gestión de bases de datos es el más utilizado mundialmente y permite administrar distintos tipos de sistemas distribuidos. El objetivo principal de este estudio es aplicar las arquitecturas de replicación Master-Slave y Multi-Master al sistema Oracle Database utilizando los métodos que el sistema proporciona. Estas arquitecturas son tipos de estructuras de replicación de datos en las que los sistemas distribuidos pueden estar basados. Estos sistemas garantizan una mayor disponibilidad y seguridad de los datos, y aumentan el rendimiento del sistema

Master of Puppets: Analyzing And Attacking A Botnet For Fun And Profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners' knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world's largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general

DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure its secure adoption are an immediate need. Here, we focus on intrusion detection and prevention systems (IDPSs) to defend against the intruders. In this paper, we propose a Distributed, Collaborative, and Data-driven Intrusion Detection and Prevention system (DCDIDP). Its goal is to make use of the resources in the cloud and provide a holistic IDPS for all cloud service providers which collaborate with other peers in a distributed manner at different architectural levels to respond to attacks. We present the DCDIDP framework, whose infrastructure level is composed of three logical layers: network, host, and global as well as platform and software levels. Then, we review its components and discuss some existing approaches to be used for the modules in our proposed framework. Furthermore, we discuss developing a comprehensive trust management framework to support the establishment and evolution of trust among different cloud service providers. © 2011 ICST

Master of puppets: analyzing and attacking a botnet for fun and profit

A botnet is a network of compromised machines (bots), under the control of an attacker. Many of these machines are infected without their owners’ knowledge, and botnets are the driving force behind several misuses and criminal activities on the Internet (for example spam emails). Depending on its topology, a botnet can have zero or more command and control (C&C) servers, which are centralized machines controlled by the cybercriminal that issue commands and receive reports back from the co-opted bots. In this paper, we present a comprehensive analysis of the command and control infrastructure of one of the world’s largest proprietary spamming botnets between 2007 and 2012: Cutwail/Pushdo. We identify the key functionalities needed by a spamming botnet to operate effectively. We then develop a number of attacks against the command and control logic of Cutwail that target those functionalities, and make the spamming operations of the botnet less effective. This analysis was made possible by having access to the source code of the C&C software, as well as setting up our own Cutwail C&C server, and by implementing a clone of the Cutwail bot. With the help of this tool, we were able to enumerate the number of bots currently registered with the C&C server, impersonate an existing bot to report false information to the C&C server, and manipulate spamming statistics of an arbitrary bot stored in the C&C database. Furthermore, we were able to make the control server inaccessible by conducting a distributed denial of service (DDoS) attack. Our results may be used by law enforcement and practitioners to develop better techniques to mitigate and cripple other botnets, since many of findings are generic and are due to the workflow of C&C communication in general.First author draf

When Things Matter: A Data-Centric View of the Internet of Things

With the recent advances in radio-frequency identification (RFID), low-cost wireless sensor devices, and Web technologies, the Internet of Things (IoT) approach has gained momentum in connecting everyday objects to the Internet and facilitating machine-to-human and machine-to-machine communication with the physical world. While IoT offers the capability to connect and integrate both digital and physical entities, enabling a whole new class of applications and services, several significant challenges need to be addressed before these applications and services can be fully realized. A fundamental challenge centers around managing IoT data, typically produced in dynamic and volatile environments, which is not only extremely large in scale and volume, but also noisy, and continuous. This article surveys the main techniques and state-of-the-art research efforts in IoT from data-centric perspectives, including data stream processing, data storage models, complex event processing, and searching in IoT. Open research issues for IoT data management are also discussed