Mehdi Sookhak

A survey on vehicular cloud computing

Vehicular networking has become a significant research area due to its specific features and applications such as standardization, efficient traffic management, road safety and infotainment. Vehicles are expected to carry relatively more communication systems, on board computing facilities, storage and increased sensing power. Hence, several technologies have been deployed to maintain and promote Intelligent Transportation Systems (ITS). Recently, a number of solutions were proposed to address the challenges and issues of vehicular networks. Vehicular Cloud Computing (VCC) is one of the solutions. VCC is a new hybrid technology that has a remarkable impact on traffic management and road safety by instantly using vehicular resources, such as computing, storage and internet for decision making. This paper presents the state-of-the-art survey of vehicular cloud computing. Moreover, we present a taxonomy for vehicular cloud in which special attention has been devoted to the extensive applications, cloud formations, key management, inter cloud communication systems, and broad aspects of privacy and security issues. Through an extensive review of the literature, we design an architecture for VCC, itemize the properties required in vehicular cloud that support this model. We compare this mechanism with normal Cloud Computing (CC) and discuss open research issues and future directions. By reviewing and analyzing literature, we found that VCC is a technologically feasible and economically viable technological shifting paradigm for converging intelligent vehicular networks towards autonomous traffic, vehicle control and perception systems.

Application optimization in mobile cloud computing

In Mobile Cloud Computing (MCC), migrating an application processing to the cloud data centers enables the execution of resource-intensive applications on the mobile devices. However, the resource-intensive migration approaches and the intrinsic limitations of the wireless medium impede the applications from attaining optimal performance in the cloud. Hence, executing the application with low cost, minimal overhead, and non-obtrusive migration is a challenging research area. This paper presents the state-of-the-art mobile application execution frameworks and provides the readers a discussion on the optimization strategies that facilitate attaining the effective design, efficient deployment, and application migration with optimal performance in MCC. We highlight the significance of optimizing the application performance by providing real-life scenarios requiring the effective design, efficient deployment, and optimal application execution in MCC. The paper also presents cloud-based mobile application-related taxonomies. Moreover, we compare the application execution frameworks on the basis of significant optimization parameters that affect performance of the applications and mobile devices in MCC. We also discuss the future research directions for optimizing the application in MCC. Finally, we conclude the paper by highlighting the key contributions and possible research directions in cloud-based mobile application optimization.

WITHDRAWN: Dynamic remote data auditing for securing big data storage in cloud computing

Cloud computing has emerged as a new computing paradigm that offers great potential for storing data remotely. Presently, many organizations have reduced the burden of local data storage and maintenance by outsourcing data storage to the cloud. However, integrity and security of the outsourced data continues to be a matter of major concern for data owners due to the lack of control and physical possession over the data. To deal with this problem, researchers have proposed remote data auditing (RDA) techniques. However, the majority of existing RDA techniques is only applicable for static archived data and is not applicable for auditing or dynamically updating the outsourced data. They are also not applicable to big data storage because of the high computational overhead on the auditor. In this paper, we propose an efficient RDA technique based on algebraic signature properties for a cloud storage system that incurs minimum computational and communication costs. We also present the design of a new data structure-Divide and Conquer Table (DCT)—that can efficiently support dynamic data operations such as append, insert, modify, and delete. Our proposed data structure can be applied for large-scale data storage and will incur minimum computational cost. A comparison between our proposed method and other state-of-the-art RDA techniques shows that our method is secure and highly efficient in reducing the computational and communication costs on the server and the auditor.

A review on remote data auditing in single cloud server: Taxonomy and open issues

Cloud computing has emerged as a computational paradigm and an alternative to the conventional computing with the aim of providing reliable, resilient infrastructure, and with high quality of services for cloud users in both academic and business environments. However, the outsourced data in the cloud and the computation results are not always trustworthy because of the lack of physical possession and control over the data for data owners as a result of using to virtualization, replication and migration techniques. Since that the security protection the threats to outsourced data have become a very challenging and potentially formidable task in cloud computing, many researchers have focused on ameliorating this problem and enabling public auditability for cloud data storage security using remote data auditing (RDA) techniques. This paper presents a comprehensive survey on the remote data storage auditing in single cloud server domain and presents taxonomy of RDA approaches. The objective of this paper is to highlight issues and challenges to current RDA protocols in the cloud and the mobile cloud computing. We discuss the thematic taxonomy of RDA based on significant parameters such as security requirements, security metrics, security level, auditing mode, and update mode. The state-of-the-art RDA approaches that have not received much coverage in the literature are also critically analyzed and classified into three groups of provable data possession, proof of retrievability, and proof of ownership to present a taxonomy. It also investigates similarities and differences in such framework and discusses open research issues as the future directions in RDA research.

A review on interworking and mobility techniques for seamless connectivity in mobile cloud computing

Mobile Cloud Computing (MCC) leverages computational clouds for mitigating resources limitations in mobile devices. However, the mobility attribute of mobile devices and the intrinsic limitations of wireless access medium obstruct to achieve the goal of seamless connectivity for accessing distributed services in MCC. Mobility involves the issues of handover, service quality degradation and disruption, whereas the intrinsic limitations of the wireless access medium includes the issues of connectivity fluctuation and heterogeneity of wireless data networks. Therefore, interworking between heterogeneous wireless data networks and mobility management are employed to achieve consistency and seamless connectivity for accessing distributed services in MCC. However, such techniques lack of managing packet loss, handover latency, signaling overhead, service degradation and disruption, guaranteed QoS, and connectivity failure. Therefore, providing seamless connectivity in the network intensive computing environment of mobile cloud computing is a challenging research perspective. This paper reviews the state-of-the-art for interworking and mobility techniques to highlight issues and challenges in transparently leveraging the services of computational clouds for mobile devices. It proposes thematic taxonomy for the classification of the interworking and mobility techniques and qualitatively analyzes the implications and critical aspects of such techniques. The similarities and differences of interworking and mobility techniques are presented on the basis of latency, packet loss, mobility approach, signaling overhead and architecture. Furthermore, we identify the open issues and challenges in seamless connectivity that remains to be addressed.

Remote Data Auditing in Cloud Computing Environments: A Survey, Taxonomy, and Open Issues

Cloud computing has emerged as a long-dreamt vision of the utility computing paradigm that provides reliable and resilient infrastructure for users to remotely store data and use on-demand applications and services. Currently, many individuals and organizations mitigate the burden of local data storage and reduce the maintenance cost by outsourcing data to the cloud. However, the outsourced data is not always trustworthy due to the loss of physical control and possession over the data. As a result, many scholars have concentrated on relieving the security threats of the outsourced data by designing the Remote Data Auditing (RDA) technique as a new concept to enable public auditability for the stored data in the cloud. The RDA is a useful technique to check the reliability and integrity of data outsourced to a single or distributed servers. This is because all of the RDA techniques for single cloud servers are unable to support data recovery; such techniques are complemented with redundant storage mechanisms. The article also reviews techniques of remote data auditing more comprehensively in the domain of the distributed clouds in conjunction with the presentation of classifying ongoing developments within this specified area. The thematic taxonomy of the distributed storage auditing is presented based on significant parameters, such as scheme nature, security pattern, objective functions, auditing mode, update mode, cryptography model, and dynamic data structure. The more recent remote auditing approaches, which have not gained considerable attention in distributed cloud environments, are also critically analyzed and further categorized into three different classes, namely, replication based, erasure coding based, and network coding based, to present a taxonomy. This survey also aims to investigate similarities and differences of such a framework on the basis of the thematic taxonomy to diagnose significant and explore major outstanding issues.

Man-At-The-End attacks

Man-At-The-End (MATE) attacks and fortifications are difficult to analyze, model, and evaluate predominantly for three reasons: firstly, the attacker is human and, therefore, utilizes motivation, creativity, and ingenuity. Secondly, the attacker has limitless and authorized access to the target. Thirdly, all major protections stand up to a determined attacker till a certain period of time. Digital assets range from business to personal use, from consumer devices to home networks, the public Internet, the cloud, and the Internet of Things - where traditional computer and network security are inadequate to address MATE attacks. MATE is fundamentally a hard problem. Much of the extant focus to deal with MATE attacks is purely technical; though security is more than just a technical issue. The main objective of the paper is to mitigate the consequences of MATE attacks through the human element of security and highlight the need for this element to form a part of a holistic security strategy alongside the necessary techniques and technologies. This paper contributes by taking software protection (SP) research to a new realm of challenges. Moreover, the paper elaborates the concept of MATE attacks, the different forms, and the analysis of MATE versus insider threats to present a thematic taxonomy of a MATE attack. The ensuing paper also highlights the fundamental concept of digital assets, and the core protection mechanisms and their qualitative comparison against MATE attacks. Finally, we present state-of-the-art trends and cutting-edge future research directions by taking into account only the human aspects for young researchers and professionals.

A Study on the Critical Analysis of Computational Offloading Frameworks for Mobile Cloud Computing

Despite substantial technological advancements in recent years, Smart Mobile Devices (SMDs) are still low-potential computing devices. Therefore, Mobile Cloud Computing (MCC) can deploy computational offloading for augmenting SMDs. The contemporary Computational Offloading Frameworks (COFs) implement resource-intensive procedures for computational offloading, which involve the overhead of transmitting application binary code and deploying distributed platforms at runtime. As a result, the energy consumption costs and turnaround time for the mobile applications and the overhead of data transmission can be increased. Nevertheless, the resource -limited nature of SMDs requires lightweight techniques for leveraging the application processing services of computational clouds. This paper critically analyzes the resource-intensive nature of the latest existing computational offloading techniques for MCC and highlights technical issues in the establishment of distributed application processing platforms at runtime. A prototype application is evaluated with different computation intensities in a real MCC environment. Analysis of the results shows that additional computing resources are utilized in the deployment of distributed application processing platforms at runtimes. For example, 31.6% additional energy is consumed, 39% additional time is required and 13241.2KB of data are transmitted for offloading different computational intensive components of the prototype mobile application. Finally, we highlight technical issues in the existing computational offloading techniques for MCC, which draw attention to future research possibilities for computational offloading for MCC and which may assist in developing lightweight procedures for computational offloading in MCC.

Cloud resource allocation schemes: review, taxonomy, and opportunities

Cloud computing has emerged as a popular computing model to process data and execute computationally intensive applications in a pay-as-you-go manner. Due to the ever-increasing demand for cloud-based applications, it is becoming difficult to efficiently allocate resources according to user requests while satisfying the service-level agreement between service providers and consumers. Furthermore, cloud resource heterogeneity, the unpredictable nature of workload, and the diversified objectives of cloud actors further complicate resource allocation in the cloud computing environment. Consequently, both the industry and academia have commenced substantial research efforts to efficiently handle the aforementioned multifaceted challenges with cloud resource allocation. The lack of a comprehensive review covering the resource allocation aspects of optimization objectives, design approaches, optimization methods, target resources, and instance types has motivated a review of existing cloud resource allocation schemes. In this paper, current state-of-the-art cloud resource allocation schemes are extensively reviewed to highlight their strengths and weaknesses. Moreover, a thematic taxonomy is presented based on resource allocation optimization objectives to classify the existing literature. The cloud resource allocation schemes are analyzed based on the thematic taxonomy to highlight the commonalities and deviations among them. Finally, several opportunities are suggested for the design of optimal resource allocation schemes.

Geographic Wormhole Detection in Wireless Sensor Networks

Wireless sensor networks (WSNs) are ubiquitous and pervasive, and therefore; highly susceptible to a number of security attacks. Denial of Service (DoS) attack is considered the most dominant and a major threat to WSNs. Moreover, the wormhole attack represents one of the potential forms of the Denial of Service (DoS) attack. Besides, crafting the wormhole attack is comparatively simple; though, its detection is nontrivial. On the contrary, the extant wormhole defense methods need both specialized hardware and strong assumptions to defend against static and dynamic wormhole attack. The ensuing paper introduces a novel scheme to detect wormhole attacks in a geographic routing protocol (DWGRP). The main contribution of this paper is to detect malicious nodes and select the best and the most reliable neighbors based on pairwise key pre-distribution technique and the beacon packet. Moreover, this novel technique is not subject to any specific assumption, requirement, or specialized hardware, such as a precise synchronized clock. The proposed detection method is validated by comparisons with several related techniques in the literature, such as Received Signal Strength (RSS), Authentication of Nodes Scheme (ANS), Wormhole Detection uses Hound Packet (WHOP), and Wormhole Detection with Neighborhood Information (WDI) using the NS-2 simulator. The analysis of the simulations shows promising results with low False Detection Rate (FDR) in the geographic routing protocols.