Lixin Tao

Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing

Employing mobile cloud computing (MCC) to enable mobile users to acquire benefits of cloud computing by an environmental friendly method is an efficient strategy for meeting current industrial demands. However, the restrictions of wireless bandwidth and device capacity have brought various obstacles, such as extra energy waste and latency delay, when deploying MCC. Addressing this issue, we propose a dynamic energy-aware cloudlet-based mobile cloud computing model (DECM) focusing on solving the additional energy consumptions during the wireless communications by leveraging dynamic cloudlets (DCL)-based model. In this paper, we examine our model by a simulation of practical scenario and provide solid results for the evaluations. The main contributions of this paper are twofold. First, this paper is the first exploration in solving energy waste problems within the dynamic networking environment. Second, the proposed model provides future research with a guideline and theoretical supports. HighlightsThe first attempt for extending the functionality of cloudlets.Achieve energy-aware performances in the dynamic networking environment.Provide future research in the field with the theoretical support and exploring directions.The model may be migrated and applied in multiple industries.

Shifting paradigms with the application service provider model

Built upon developments in selective outsourcing, application hosting and browser-based computing, the application service provider (ASP) model shifts the purchase of computing power from a product to a rented-service form. If it can overcome the challenges facing it, the ASP model will foster a new generation of distributed, component-based computing services characterized by finer computing granularity, global cooperation and specialization, multimedia data handling, binary integration, mobile computing and pervasiveness across a full spectrum of electrical and electronic devices. Applying generic network-centric computing will lead to a networked economy characterized by service integration.

A Static Analysis Framework For Detecting SQL Injection Vulnerabilities

Recently SQL injection attack (SIA) has become a major threat to Web applications. Via carefully crafted user input, attackers can expose or manipulate the back-end database of a Web application. This paper proposes the construction and outlines the design of a static analysis framework (called SAFELI) for identifying SIA vulnerabilities at compile time. SAFELI statically inspects MSIL bytecode of an ASP.NET Web application, using symbolic execution. At each hotspot that submits SQL query, a hybrid constraint solver is used to find out the corresponding user input that could lead to breach of information security. Once completed, SAFELI has the future potential to discover more delicate SQL injection attacks than black-box Web security inspection tools.

Intrusion detection techniques for mobile cloud computing in heterogeneous 5G

Mobile cloud computing is applied in multiple industries to obtain cloud-based services by leveraging mobile technologies. With the development of the wireless networks, defending threats from wireless communications have been playing a remarkable role in the Web security domain. Intrusion detection system IDS is an efficient approach for protecting wireless communications in the Fifth Generation 5G context. In this paper, we identify and summarize the main techniques being implemented in IDSs and mobile cloud computing with an analysis of the challenges for each technique. Addressing the security issue, we propose a higher level framework of implementing secure mobile cloud computing by adopting IDS techniques for applying mobile cloud-based solutions in 5G networks. On the basis of the reviews and synthesis, we conclude that the implementation of mobile cloud computing can be secured by the proposed framework because it will provide well-protected Web services and adaptable IDSs in the complicated heterogeneous 5G environment. Copyright

Proactive user-centric secure data scheme using attribute-based semantic access controls for mobile clouds in financial industry

Abstract As one of the most significant issues in the financial industry, customers’ privacy information protection has been considered a challenging research over years. The constant emergence of the novel technologies often leads to dynamic threats from both internal and external service providers. We consider the implementations of mobile cloud-based financial services an important approach of service provisions, which also causes risks to privacy protections due to the data sharing with the unknown third parties. The data generated by mobility are usually associated with mobile users’ personal privacy information. This paper addresses this issue and proposes an approach proactively protect financial customers’ privacy information using Attributed-Based Access Control (ABAC) as well as data self-deterministic scheme. The proposed approach is called Proactive Dynamic Secure Data Scheme (P2DS), which aims to guarantee the unanticipated parties cannot reach the privacy data. There are two main algorithms supporting the proposed scheme, which are Attribute-based Semantic Access Control (A-SAC) Algorithm and Proactive Determinative Access (PDA) Algorithm . The main contributions of this paper have three aspects. First, we propose a semantic approach for constraining data accesses. Second, we propose a user-centric approach that proactively prevents users’ data from unexpected operations on the cloud side. Finally, the proposed scheme has a higher-level secure sustainability since it can deal with dynamic threats, including the emerging and future hazards. We have examined that our proposed scheme had a quality performance matching our expected goal.

A Reusable Software Component for Integrated Syntax and Semantic Validation for Services Computing

Extensible Markup Language (XML) syntax and semantic validations are critical to the correct service transaction specification and service integration based on the existing distributed heterogeneous computing services. However, the current Schematron design and implementation based on Extensible Style sheet Language Transformations (XSLT) have limitations in terms of validation correctness and support for system integration. We propose an algorithm that integrates syntactic and semantic validations in order to overcome the aforementioned limitations. The syntactic validation is based on DTD and XSD and the semantic validation is based on the Schematron. The solution is illustrated by several use cases. Our contributions include combining syntax and semantic validations, designing and implementing a reusable software component to implement this integrated validation process, and supporting invoking this integrated validation through the more flexible observer pattern.

SIMULATED ANNEALING AND TABU SEARCH ALGORITHMS FOR MULTIWAY GRAPH PARTITION

For a given graph G with vertex and edge weights, we partition the vertices into subsets to minimize the total weights for edges crossing the subsets (weighted cut size) under the constraint that the vertex weights are evenly distributed among the subsets. We propose two new effective graph partition algorithms based on simulated annealing and tabu search, and compare their performance with that of the LPK algorithm reported in Ref. 12. Extensive experimental study shows that both of our new algorithms produce significantly better solutions than the LPK algorithm (maximal and minimal improvements on average weighted cut size are roughly 51.8% and 10.5% respectively) with longer running time, and this advantage in solution quality would not change even if we run the LPK algorithm repeatedly with random initial solutions in the same time frame as required by our algorithms.

Automated Detection and Analysis for Android Ransomware

Along with the rapid growth of new science and technology, the functions of smartphones become more and more powerful. Nevertheless, everything has two aspects. Smartphones bring so much convenience for people and also bring the security risks at the same time. Malicious application has become a big threat to the mobile security. Thus, an efficiency security analysis and detection method is important and necessary. Due to attacking of malicious application, user could not use smartphone normally and personal information could be stolen. What is worse, attacking proliferation will impact the healthy growth of the mobile Internet industry. To limit the growing speed of malicious application, the first thing we need to know what malicious application is and how to deal with. Detecting and analyzing their behaviors helps us deeply understand the attacking principle such that we can take effective countermeasures against malicious application. This article describes the basic Android component and manifest, the reason that Android is prevalent and why attacking came in. This paper analyzed and penetrated malicious ransom ware which threats mobile security now with our developed automated analysis approach for such mobile malware detection.

Multi-way graph partition by stochastic probe

Abstract For a given graph G with vertex and edge weights, we partition the vertices into subsets to minimize the total weights for edges crossing the subsets under the constraint that the vertex weights are evenly distributed among the subsets. We adapt simulated annealing and tabu search to solve this problem based on a unique solution neighborhood design compromising aggressiveness and running time for each move. A new general optimization paradigm called stochastic probe is then proposed to integrate the advantages of both the aggressive searches and the stochastic searches. Extensive experimental study shows that all of our three new algorithms produce significantly better solutions than the LPK algorithm, and our stochastic probe algorithm always produces the best solution among all the four algorithms with a running time comparable with that for the LPK algorithm.

Security enhancement of cloud servers with a redundancy-based fault-tolerant cache structure

The modern chip multiprocessors are vulnerable to transient faults caused by either on-purpose attacks or system mistakes, especially for those with large and multi-level caches in cloud servers. In this paper, we propose a modified/shared replication cache to keep a redundancy for the latest accessed and modified/shared L2 cache lines. According to the experiments based on Multi2Sim, this cache with proper size can provide considerable data reliability. In addition, the cache can reduce the average latency of memory hierarchy for error correction, with only about 20.2% of L2 cache energy cost and 2% of L2 cache silicon overhead. Proposed a novel MSR cache design for multiprocessors to enhance security.MSR cache is used at L2 cache level to give extra data redundancy.MOESI protocol is proposed to improve the write hit rate.Soft errors in L2 cache blocks could be corrected with the redundancy data in MSR cache.