Muttukrishnan Rajarajan

Review: A survey of intrusion detection techniques in Cloud

In this paper, we survey different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. Proposals incorporating Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in Cloud are examined. We recommend IDS/IPS positioning in Cloud environment to achieve desired security in the next generation networks.

A survey on security issues and solutions at different layers of Cloud computing

Cloud computing offers scalable on-demand services to consumers with greater flexibility and lesser infrastructure investment. Since Cloud services are delivered using classical network protocols and formats over the Internet, implicit vulnerabilities existing in these protocols as well as threats introduced by newer architectures raise many security and privacy concerns. In this paper, we survey the factors affecting Cloud computing adoption, vulnerabilities and attacks, and identify relevant solution directives to strengthen security and privacy in the Cloud environment.

Android Security: A Survey of Issues, Malware Penetration, and Defenses

Smartphones have become pervasive due to the availability of office applications, Internet, games, vehicle guidance using location-based services apart from conventional services such as voice calls, SMSes, and multimedia services. Android devices have gained huge market share due to the open architecture of Android and the popularity of its application programming interface (APIs) in the developer community. Increased popularity of the Android devices and associated monetary benefits attracted the malware developers, resulting in big rise of the Android malware apps between 2010 and 2014. Academic researchers and commercial antimalware companies have realized that the conventional signature-based and static analysis methods are vulnerable. In particular, the prevalent stealth techniques, such as encryption, code transformation, and environment-aware approaches, are capable of generating variants of known malware. This has led to the use of behavior-, anomaly-, and dynamic-analysis-based methods. Since a single approach may be ineffective against the advanced techniques, multiple complementary approaches can be used in tandem for effective malware detection. The existing reviews extensively cover the smartphone OS security. However, we believe that the security of Android, with particular focus on malware growth, study of antianalysis techniques, and existing detection methodologies, needs an extensive coverage. In this survey, we discuss the Android security enforcement mechanisms, threats to the existing security enforcements and related issues, malware growth timeline between 2010 and 2014, and stealth techniques employed by the malware authors, in addition to the existing detection methods. This review gives an insight into the strengths and shortcomings of the known research methodologies and provides a platform, to the researchers and practitioners, toward proposing the next-generation Android security, analysis, and malware detection techniques.

Towards Secure Cloud Bursting, Brokerage and Aggregation

The cloud based delivery model for IT resources is revolutionizing the IT industry. Despite the marketing hype around “the cloud”, the paradigm itself is in a critical transition state from the laboratories to mass market. Many technical and business aspects of cloud computing need to mature before it is widely adopted for corporate use. For example, the inability to seamlessly burst between internal cloud and external cloud platforms, termed cloud bursting, is a significant shortcoming of current cloud solutions. Furthermore, the absence of a capability that would allow to broker between multiple cloud providers or to aggregate them into a composite service inhibits the free and open competition that would help the market mature. This paper describes the concepts of cloud bursting and cloud brokerage and discusses the open management and security issues associated with the two models. It also presents a possible architectural framework capable of powering the brokerage based cloud services that is currently being developed in the scope of OPTIMIS, an EU FP7 project.

Design and characterization of compact single-section passive polarization rotator

In this paper an improved design for a short and low-loss polarization rotator is proposed, consisting of a single-section asymmetrical waveguide butt-coupled between two standard rib waveguides. At a wavelength of 1.55 /spl mu/m, nearly 100% polarization conversion ratio is obtained, with a relatively short (320 /spl mu/m) device length and an extremely low 0.5 dB total insertion loss. The simulation results are obtained using the full vectorial finite-element-based beam propagation, the junction analysis, and the modal solution approaches.

Secure data access in cloud computing

Data security and access control is one of the most challenging ongoing research work in cloud computing, because of users outsourcing their sensitive data to cloud providers. Existing solutions that use pure cryptographic techniques to mitigate these security and access control problems suffer from heavy computational overhead on the data owner as well as the cloud service provider for key distribution and management. This paper addresses this challenging open problem using capability based access control technique that ensures only valid users will access the outsourced data. This work also proposes a modified Diffie-Hellman key exchange protocol between cloud service provider and the user for secretly sharing a symmetric key for secure data access that alleviates the problem of key distribution and management at cloud service provider. The simulation run and analysis shows that the proposed approach is highly efficient and secure under existing security models.

Accurate analysis of MMI devices with two-dimensional confinement

The accurate analysis of multimode interference (MMI) devices with two-dimensional (2-D) confinement has been demonstrated by using the least squares boundary residual (LSBR) method. Accurate modal propagation constants and spatial field profiles in the MMI section are obtained by using the vector H-field based finite element method. The accurate calculation of the excited modal coefficients is achieved by using the LSBR, which satisfies the continuity of the transverse field components more rigorously than using simple overlap integrals.

A rigorous comparison of the performance of directional couplers with multimode interference devices

The authors report, for the first time, a direct comparison between a directional coupler and a multimode interference-based device, in relation to their performance characteristics such as crosstalk, polarization dependence and the effect of fabrication tolerances. The coupling efficiency for a nonidentical coupler, produced inadvertently due to problems with fabrication tolerances, is also demonstrated. The vector finite element (FE) and the least squares boundary residual (LSBR) methods are employed as the numerical tools used in this simulation study.

Review: A1: An energy efficient topology control algorithm for connected area coverage in wireless sensor networks

Energy consumption in Wireless Sensor Networks (WSNs) is of paramount importance, which is demonstrated by the large number of algorithms, techniques, and protocols that have been developed to save energy, and thereby extend the lifetime of the network. However, in the context of WSNs routing and dissemination, Connected Dominating Set (CDS) principle has emerged as the most popular method for energy-efficient topology control (TC) in WSNs. In a CDS-based topology control technique, a virtual backbone is formed, which allows communication between any arbitrary pair of nodes in the network. In this paper, we present a CDS based topology control algorithm, A1, which forms an energy efficient virtual backbone. In our simulations, we compare the performance of A1 with three prominent CDS-based algorithms namely energy-efficient CDS (EECDS), CDS Rule K and A3. The results demonstrate that A1 performs better in terms of message overhead and other selected metrics. Moreover, the A1 not only achieves better connectivity under topology maintenance but also provides better sensing coverage when compared with other algorithms.

Trust Model for Optimized Cloud Services

Cloud computing with its inherent advantages draws attention for business critical applications, but concurrently expects high level of trust in cloud service providers. Reputation-based trust is emerging as a good choice to model trust of cloud service providers based on available evidence. Many existing reputation based systems either ignore or give less importance to uncertainty linked with the evidence. In this paper, we propose an uncertainty model and define our approach to compute opinion for cloud service providers. Using subjective logic operators along with the computed opinion values, we propose mechanisms to calculate the reputation of cloud service providers. We evaluate and compare our proposed model with existing reputation models.