Mohamad Fadli Zolkipli

Use of cryptography in cloud computing

Cloud computing is a platform for expanding capabilities and developing potentialities dynamically without employing new infrastructure, personnel, or software systems. In Addition, cloud computing originated from a commercial enterprise concept, and developed into a flourishing IT invention. However, given that considerable information on individuals and companies are identified in the cloud, concerns have been raised regarding the safety of the cloud environment. Despite the hype surrounding cloud computing, customers remain reluctant to deploy their commercial enterprise into the cloud. Nevertheless, lack of protection is the only major concern that hinders increased use of cloud computing. Furthermore, the complexity with which cloud computing manages data secrecy, and information security makes the market hesitant about cloud computing. The architecture of cloud models threatens the security of existing technologies when deployed in a cloud environment. Thus, users of cloud services should know the dangers of uploading data into this new environment. Therefore, in this paper different cryptography aspects that pose a threat to cloud computing are reviewed. This paper is a survey of specific security issues brought by the use of cryptography in a cloud computing system.

Response option for attacks detected by intrusion detection system

In past decades, we have seen that the increasing speed of the network attacks compromising computer system functionality and degrading network performance. The security of these systems has attracted a lot of research in the field of intrusion detection and response system to reduce the effect of these attacks. Response is a major part of intrusion detection system. Intrusion detection system without a timely response is not considered good even they detect threat and generate alarms. Optimum response is based on the selection of proper response option. In this paper, we categorize the attacks and propose some response option to thwart these attacks.

Traceback model for identifying sources of distributed attacks in real time

Locating sources of distributed attack is time-consuming; attackers are identified long after the attack is completed. This paper proposes a trackback model for identifying attackers and locating their distributed sources in real time. Attackers are identified by monitoring violations of malicious end users on their bandwidth shares predefined in the service level agreement. Then, active connections of the malicious users are investigated to locate the host machines used as distributed sources of attack traffic. Mathematical model and simulation results demonstrate that the proposed model can reduce the required time for identifying malicious users and locating host machines used as the actual sources of attack packets. Copyright

Design a technique for minimizing unnecessary handoff in mobile wireless networks

Unnecessary handoff is one of the key issues in mobile wireless network, since it consumes the networks resources that degrades the performance of the network. Handoff appears when the Receive Signal Strength (RSS) of a mobile node becomes below threshold value (i.e., an acceptable level of RSS for ensuring communication). Subsequently, the mobile node starts scanning to discover a new RSS from neighbors Access Point (AP) to keep continuing the communication. However, traditional handoff algorithm is not accurate due to only depend on the RSS. It is affected by many factors (e.g., shadowing, scattering, reflection, etc.) that initiate unnecessary handoff decision. In this paper, a new technique is proposed to mitigate the unnecessary handoff. The simulation result confirms the effectiveness of the proposal.

A study in data security in cloud computing

The vision of 21st century computing is that users can access Internet services over lightweight portable devices rather than via variants of the traditional desktop computer. Consequently, users will have no interest in large, powerful machines. How, then, will computing power be provided? The answer to this question lies in cloud computing. Cloud computing is a recent trend in IT in which computing power and knowledge are moved away from the desktop and desktop PCs into giant datacenters. In the cloud computing paradigm, applications are delivered as services over the Internet. The key driving forces behind cloud computing are the presence of broadband and wireless networking, falling storage prices, and progressive enhancements in Internet computing software packages. Cloud service shoppers can add additional capabilities at peak demand, reduce prices, experiment with new services, and remove unessential capabilities. Service suppliers can increase utilization via multiplexing and allow for larger investments in software packages and hardware.

A novel efficient substitution-box design based on firefly algorithm and discrete chaotic map

Substitution boxes are essential nonlinear components responsible to impart strong confusion and security in most of modern symmetric ciphers. Constructing efficient S-boxes has been a prominent topic of interest for security experts. With an aim to construct cryptographically efficient S-box, a novel scheme based on firefly (FA) optimization and chaotic map is proposed in this paper. The anticipated approach generates initial S-box using chaotic map. The meta-heuristic FA is applied to find notable configuration of S-box that satisfies the criterions by guided search for near-optimal features by minimizing fitness function. The performance of proposed approach is assessed through well-established criterions such as bijectivity, nonlinearity, strict avalanche criteria, bit independence criteria, differential uniformity, and linear approximation probability. The obtained experimental results are compared with some recently investigated S-boxes to demonstrate that the proposed scheme has better proficiency of constructing efficient S-boxes.

Mobile Cloud Computing with SOAP and REST Web Services

Mobile computing in conjunction with Mobile web services drives a strong approach where the limitations of mobile devices may possibly be tackled. Mobile Web Services are based on two types of technologies; SOAP and REST, which works with the existing protocols to develop Web services. Both the approaches carry their own distinct features, yet to keep the constraint features of mobile devices in mind, the better in two is considered to be the one which minimize the computation and transmission overhead while offloading. The load transferring of mobile device to remote servers for execution called computational offloading. There are numerous approaches to implement computational offloading a viable solution for eradicating the resources constraints of mobile device, yet a dynamic method of computational offloading is always required for a smooth and simple migration of complex tasks. The intention of this work is to present a distinctive approach which may not engage the mobile resources for longer time. The concept of web services utilized in our work to delegate the computational intensive tasks for remote execution. We tested both SOAP Web services approach and REST Web Services for mobile computing. Two parameters considered in our lab experiments to test; Execution Time and Energy Consumption. The results show that RESTful Web services execution is far better than executing the same application by SOAP Web services approach, in terms of execution time and energy consumption. Conducting experiments with the developed prototype matrix multiplication app, REST execution time is about 200% better than SOAP execution approach. In case of energy consumption REST execution is about 250% better than SOAP execution approach.

Novel Multi-swarm Approach for Balancing Exploration and Exploitation in Particle Swarm Optimization

Several metaheuristic algorithms and improvements to the existing ones have been presented over the years. Most of these algorithms were inspired either by nature or the behavior of certain swarms, such as birds, ants, bees, or even bats. These algorithms have two major components, which are exploration and exploitation. The interaction of these components can have a significant influence on the efficiency of the metaheuristics. Meanwhile, there are basically no guiding principles on how to strike a balance between these two components. This study, therefore, proposes a new multi-swarm-based balancing mechanism for keeping a balancing between the exploration and exploitation attributes of metaheuristics. The new approach is inspired by the phenomenon of the leadership scenario among a group of people (a group of people being governed by a selected leader(s)). These leaders communicate in a meeting room, and the overall best leader makes the final decision. The simulation aspect of the study considered several benchmark functions and compared the performance of the suggested algorithm to that of the standard PSO (SPSO) in terms of efficiency.

Data Security Issues In Cloud Computing: Review

Cloud computing is an internet based model that empower on demand ease of access and pay for the usage of each access to shared pool of networks. It is yet another innovation that fulfills a clients necessity for computing resources like systems, stockpiling, servers, administrations and applications. Securing the Data is considered one of the principle significant challenges and concerns for cloud computing. This persistent problem is getting more affective due to the changes in improving cloud computing technology. From the perspective of the Clients, cloud computing is a security hazard especially when it comes to assurance affirmation issues and data security, remain the most basically which backs off for appropriation of Cloud Computing administrations. This paper audits and breaks down the essential issue of cloud computing and depicts the information security and protection of privacy issues in cloud.

Trusting cloud computing for personal files

In a recent research study concerning current and future (state-of-the-art) cloud security issues, we recognised a substantive number of security loopholes in information technology systems and devised relevant solutions for such problems. As an outcome, exchanging the main point that contains all the information originating from heterogeneous sources that oversee the physiological methodologies of a city could have devastating effects because cloud security would be influenced at diverse levels and clients would be influenced at distinctive administrations. In addition, if these innovations are utilised more extensively, cyber terrorism could, with a solitary machine ambush, hinder significant numbers urban areas worldwide. This paper summarises some major issues in cloud computing, which caused us to reconsider the type of information that can be stored safely in cloud computing.