Abdul Nasir Khan

Towards secure mobile cloud computing: A survey

Mobile cloud computing is gaining popularity among mobile users. The ABI Research predicts that the number of mobile cloud computing subscribers is expected to grow from 42.8 million (1.1% of total mobile users) in 2008 to 998 million (19% of total mobile users) in 2014. Despite the hype achieved by mobile cloud computing, the growth of mobile cloud computing subscribers is still below expectations. According to the recent survey conducted by the International Data Corporation, most IT Executives and CEOs are not interested in adopting such services due to the risks associated with security and privacy. The security threats have become a hurdle in the rapid adaptability of the mobile cloud computing paradigm. Significant efforts have been devoted in research organizations and academia to build secure mobile cloud computing environments and infrastructures. In spite of the efforts, there are a number of loopholes and challenges that still exist in the security policies of mobile cloud computing. This literature review: (a) highlights the current state of the art work proposed to secure mobile cloud computing infrastructures, (b) identifies the potential problems, and (c) provides a taxonomy of the state of the art.

Co-FAIS: Cooperative fuzzy artificial immune system for detecting intrusion in wireless sensor networks

Abstract Due to the distributed nature of Denial-of-Service attacks, it is tremendously challenging to identify such malicious behavior using traditional intrusion detection systems in Wireless Sensor Networks (WSNs). In the current paper, a bio-inspired method is introduced, namely the cooperative-based fuzzy artificial immune system (Co-FAIS). It is a modular-based defense strategy derived from the danger theory of the human immune system. The agents synchronize and work with one another to calculate the abnormality of sensor behavior in terms of context antigen value (CAV) or attackers and update the fuzzy activation threshold for security response. In such a multi-node circumstance, the sniffer module adapts to the sink node to audit data by analyzing the packet components and sending the log file to the next layer. The fuzzy misuse detector module (FMDM) integrates with a danger detector module to identify the sources of danger signals. The infected sources are transmitted to the fuzzy Q-learning vaccination modules (FQVM) in order for particular, required action to enhance system abilities. The Cooperative Decision Making Modules (Co-DMM) incorporates danger detector module with the fuzzy Q-learning vaccination module to produce optimum defense strategies. To evaluate the performance of the proposed model, the Low Energy Adaptive Clustering Hierarchy (LEACH) was simulated using a network simulator. The model was subsequently compared against other existing soft computing methods, such as fuzzy logic controller (FLC), artificial immune system (AIS), and fuzzy Q-learning (FQL), in terms of detection accuracy, counter-defense, network lifetime and energy consumption, to demonstrate its efficiency and viability. The proposed method improves detection accuracy and successful defense rate performance against attacks compared to conventional empirical methods.

Incremental proxy re-encryption scheme for mobile cloud computing environment

Due to the limited computational capability of mobile devices, the research organization and academia are working on computationally secure schemes that have capability for offloading the computational intensive data access operations on the cloud/trusted entity for execution. Most of the existing security schemes, such as proxy re-encryption, manager-based re-encryption, and cloud-based re-encryption, are based on El-Gamal cryptosystem for offloading the computational intensive data access operation on the cloud/trusted entity. However, the resource hungry pairing-based cryptographic operations, such as encryption and decryption, are executed using the limited computational power of mobile device. Similarly, if the data owner wants to modify the encrypted file uploaded on the cloud storage, after modification the data owner must encrypt and upload the entire file on the cloud storage without considering the altered portion(s) of the file. In this paper, we have proposed an incremental version of proxy re-encryption scheme for improving the file modification operation and compared with the original version of the proxy re-encryption scheme on the basis of turnaround time, energy consumption, CPU utilization, and memory consumption while executing the security operations on mobile device. The incremental version of proxy re-encryption scheme shows significant improvement in results while performing file modification operations using limited processing capability of mobile devices.

Enhanced dynamic credential generation scheme for protection of user identity in mobile-cloud computing

To improve the resource limitation of mobile devices, mobile users may utilize cloud-computational and storage services. Although the utilization of the cloud services improves the processing and storage capacity of mobile devices, the migration of confidential information on untrusted cloud raises security and privacy issues. Considering the security of mobile-cloud-computing subscribers’ information, a mechanism to authenticate legitimate mobile users in the cloud environment is sought. Usually, the mobile users are authenticated in the cloud environment through digital credential methods, such as password. Once the users’ credential information theft occurs, the adversary can use the hacked information for impersonating the mobile user later on. The alarming situation is that the mobile user is unaware about adversary’s malicious activities. In this paper, a light-weight security scheme is proposed for mobile user in cloud environment to protect the mobile user’s identity with dynamic credentials. The proposed scheme offloads the frequently occurring dynamic credential generation operations on a trusted entity to keep minimum processing burden on the mobile device. To enhance the security and reliability of the scheme, the credential information is updated frequently on the basis of mobile-cloud packets exchange. Furthermore, the proposed scheme is compared with the existing scheme on the basis of performance metrics i.e. turnaround time and energy consumption. The experimental results for the proposed scheme showed significant improvement in turnaround time and energy consumption as compared to the existing scheme.

BSS: block-based sharing scheme for secure data storage services in mobile cloud environment

For the last few years, academia and research organizations are continuously investigating and resolving the security and privacy issues of mobile cloud computing environment. The additional consideration in designing security services for mobile cloud computing environment should be the resource-constrained mobile devices. The execution of computationally intensive security services on mobile device consumes battery’s charging quickly. In this regard, the study presents a novel energy-efficient block-based sharing scheme that provides confidentiality and integrity services for mobile users in the cloud environment. The block-based sharing scheme is compared with the existing schemes on the basis of energy consumption, CPU utilization, memory utilization, encryption time, decryption time, and turnaround time. The experimental results show that the block-based sharing scheme consumes less energy, reduces the resources utilization, improves response time, and provides better security services to the mobile users in the presence of fully untrusted cloud server(s) as compared to the existing security schemes.

MobiByte: An Application Development Model for Mobile Cloud Computing

Mobile cloud computing presents an effective solution to overcome smartphone constraints, such as limited computational power, storage, and energy. As the traditional mobile application development models do not support computation offloading, mobile cloud computing requires novel application development models that can facilitate the development of cloud enabled mobile applications. This paper presents a mobile cloud application development model, named MobiByte, to enhance mobile device applications’ performance, energy efficiency, and execution support. MobiByte is a context-aware application model that uses multiple data offloading techniques to support a wide range of applications. The proposed model is validated using prototype applications and detailed results are presented. Moreover, MobiByte is compared with the most recent application models with a conclusion that it outperforms the existing application models in many aspects like energy efficiency, performance, generality, context awareness, and privacy.

Context-Aware Mobile Cloud Computing and Its Challenges

Cloud computing is gaining popularity due to virtually unlimited resources, low capital cost, ease of adoption, flexible resource provisioning, and high scalability. Considering these benefits, researchers envision the usage of cloud computing for mobile devices to overcome the ever-increasing computational and energy demands of smartphone applications. However, this requires specialized context-ware application development models that can facilitate the development of cloud-enabled applications capable of making context-aware computation offloading decisions. This article provides an overview of mobile cloud computing technology, focusing on its context-awareness aspects and challenges.

Pirax: framework for application piracy control in mobile cloud environment

Mobile cloud computing is an emerging technology that is gaining popularity as a means to extend the capabilities of resource-constrained mobile devices such as a smartphone. Mobile cloud computing requires specialized application development models that support computation offloading from a mobile device to the cloud. The computation offloading is performed by means of offloading application process, application component, entire application, or clone of the smartphone. The offloading of an entire application or clone of the smartphone to cloud may raise application piracy issues, which, unfortunately, have not been addressed in the existing literature. This paper presents a piracy control framework for mobile cloud environment, named Pirax, which prevents mobile applications from executing on unauthenticated devices and cloud resources. Pirax is formally verified using High Level Petri Nets, Satisfiability Modulo Theories Library and Z3 solver. Pirax is implemented on Android platform and analyzed from security and performance perspectives. The performance analysis results show that Pirax is lightweight and easy to integrate into existing mobile cloud application development models.

A study of incremental cryptography for security schemes in mobile cloud computing environments

While using the cloud storage services on resource constraint mobile device, the mobile user needs to ensure the confidentiality of the critical data before uploading on the cloud storage. The resource limitation of mobile devices restricts mobile users for executing complex security operations using computational power of mobile devices. To make security schemes suitable for mobile devices, large volume of existing security schemes execute complex security operations remotely on cloud or trusted third party. Alternatively, few of the existing security schemes focus on the reduction of the computational complexity of the cryptographic algorithms. Keeping in view the resource limitation of mobile devices, this paper, introduces an incremental cryptographic version of the existing security schemes, such as encryption-based scheme, coding-based scheme, and sharing-based scheme, for improving the block(s) modification operations in term of resource utilization on mobile device. The experimental results show significant improvement in resource utilization on mobile device while performing block insertion, deletion, and modification operations as compared to the original version of the aforementioned schemes.

TCP throughput estimation: A new neural networks model

In this paper we propose a new artificial neural network model for TCP congestion control based on four parameters 1 loss event rate (p) 2. Round trip time (RTT) 3 retransmission time out (RTO) 4 numbers of packets acknowledged by an arriving ACK (b).we believe that with inclusion of b proposed neural network model will more accurately estimate TCP throughput. In new concept of ACK compression in wireless networks arriving ACK can acknowledge more than one packet and definitely influence the behavior of TCP. After training on 500 samples, a three layer (4-16-1) artificial neural network model has been tested over variety of network scenarios in comparison to equation model and previously proposed neural network model, over proposed model can better associate TCP factors. As this model also implements online learning so it can better adopt to new trends.