• 제목/요약/키워드: network computing

검색결과 3,181건 처리시간 0.028초

SECURITY THREATS AND ATTACKS IN CLOUD

  • Mohammed, Asma;Al khathami, Jamilah;Alhakami, Wajdi
    • International Journal of Computer Science & Network Security
    • /
    • 제21권1호
    • /
    • pp.184-191
    • /
    • 2021
  • The amount of information and data in the digital era is increasing tremendously. Continuous online connectivity is generating a massive amount of data that needs to store in computers and be made available as and when required. Cloud computing technology plays a pivotal role in this league. Cloud computing is a term that refers to computer systems, resources and online services that aim to protect and manage data in an effective, more efficient and easy way. Cloud computing is an important standard for maintaining the integrity and security of sensitive data and information for organizations and individuals. Cloud security is one of the most important challenges that the security of the entire cloud system depends on. Thus, the present study reviews the security challenges that exist in cloud computing, including attacks that negatively affect cloud resources. The study also addresses the most serious threats that affect cloud security. We also reviewed several studies, specifically those from 2017-20, that cited effective mechanisms to protect authentication, availability and connection security in the cloud. The present analysis aims to provide solutions to the problems and causes of cloud computing security system violations, which can be used now and developed in the future.

A Enhanced Security Model for Cloud Computing in SSO Environment

  • Jang, Eun-Gyeom
    • 한국컴퓨터정보학회논문지
    • /
    • 제22권8호
    • /
    • pp.55-61
    • /
    • 2017
  • Cloud computing is cost-effective in terms of system configuration and maintenance and does not require special IT skills for management. Also, cloud computing provides an access control setting where SSO is adopted to secure user convenience and availability. As the SSO user authentication structure of cloud computing is exposed to quite a few external security threats in wire/wireless network integrated service environment, researchers explore technologies drawing on distributed SSO agents. Yet, although the cloud computing access control using the distributed SSO agents enhances security, it impacts on the availability of services. That is, if any single agent responsible for providing the authentication information fails to offer normal services, the cloud computing services become unavailable. To rectify the environment compromising the availability of cloud computing services, and to protect resources, the current paper proposes a security policy that controls the authority to access the resources for cloud computing services by applying the authentication policy of user authentication agents. The proposed system with its policy of the authority to access the resources ensures seamless and secure cloud computing services for users.

A Hybrid Cloud Testing System Based on Virtual Machines and Networks

  • Chen, Jing;Yan, Honghua;Wang, Chunxiao;Liu, Xuyan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제14권4호
    • /
    • pp.1520-1542
    • /
    • 2020
  • Traditional software testing typically uses many physical resources to manually build various test environments, resulting in high resource costs and long test time due to limited resources, especially for small enterprises. Cloud computing can provide sufficient low-cost virtual resources to alleviate these problems through the virtualization of physical resources. However, the provision of various test environments and services for implementing software testing rapidly and conveniently based on cloud computing is challenging. This paper proposes a multilayer cloud testing model based on cloud computing and implements a hybrid cloud testing system based on virtual machines (VMs) and networks. This system realizes the automatic and rapid creation of test environments and the remote use of test tools and test services. We conduct experiments on this system and evaluate its applicability in terms of the VM provision time, VM performance and virtual network performance. The experimental results demonstrate that the performance of the VMs and virtual networks is satisfactory and that this system can improve the test efficiency and reduce test costs through rapid virtual resource provision and convenient test services.

이동에이전트를 이용한 원격관리 시스템 설계 (Design of Remote management System Using Mobile Agents)

  • 홍성표;송기범;박찬모;이준;오무송
    • 한국정보통신학회:학술대회논문집
    • /
    • 한국해양정보통신학회 2000년도 추계종합학술대회
    • /
    • pp.368-371
    • /
    • 2000
  • 분산 컴퓨팅 기술과 객체지향 기술의 발전은 인터넷상의 동일 기종간의 분산처리뿐만 아니라, 이 기종간에도 분산 컴퓨팅이 가능한 분산 객체 컴퓨팅으로 발전되었다. 이를 대표하는 CORBA(Comm on Object Request Broker Architecture)도 단지 네트워크를 통한 이기종간의 상호 운용성만을 해결한 상태이며, 대부분 서버 객체의 존재 및 정상적인 활동이 보장되지만 네트워크 오버헤드가 발생하는 경우에는 클라이언트의 서비스 요구에 응할 수 없는 문제점을 가지고 있다. 이러한 문제를 해결하는 방안 중 하나로, 데이터와 코드를 결합한 객체를 직접 이동하는 이동에이전트(Mobile Agent)를 분산 컴퓨팅 기술과 결합하는 방법이 대두되고 있다.

  • PDF

모바일 RFID 장치를 이용한 박물관 관리 시스템 설계 및 구현 (Design and Prototype Implementation of Museum Asset Management System Using Mobile RFID Devices)

  • 김영일;정태수
    • 한국전자거래학회:학술대회논문집
    • /
    • 한국전자거래학회 2005년도 종합학술대회
    • /
    • pp.78-84
    • /
    • 2005
  • As the research activities related to 'Ubiquitous Computing' whose concept was introduced by Mark Weiser are growing, RFID(Radio Frequency Identification) technology has recently gained attention as a technology to advance the ubiquitous computing and a lot of related researches are also in progress. Research works done so far are mainly linked to the situation that the research outputs apply to meet the requirements for asset tracking and data sharing with partners over supply chain by using fixed RFID readers. However, it is essential that users have access to real-time information about the tagged objects and services whenever and wherever they want in the era of ubiquitous computing, so mobile devices-including PDA, smart phone, cellular phone, etc - which are equipped with an RFID reader can be regarded as an essential terminal for users living in ubiquitous computing environment. As far as the application with mobile devices are concerned, there are many considerations due to their limited capabilities of data processing, battery consumption and so on. In this paper, we review the generic RFID network model and introduce the revised RFID network model in consideration of incorporation with mobile devices equipped with an RFID reader. Also, we derive the requirements for software embedded within an RFID- enabled mobile terminal and then discuss essential components for implementation. Moreover, we develop the applications for asset management at museum by using mobile RFID network model.

  • PDF

A Dynamic Defense Using Client Puzzle for Identity-Forgery Attack on the South-Bound of Software Defined Networks

  • Wu, Zehui;Wei, Qiang;Ren, Kailei;Wang, Qingxian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제11권2호
    • /
    • pp.846-864
    • /
    • 2017
  • Software Defined Network (SDN) realizes management and control over the underlying forwarding device, along with acquisition and analysis of network topology and flow characters through south bridge protocol. Data path Identification (DPID) is the unique identity for managing the underlying device, so forged DPID can be used to attack the link of underlying forwarding devices, as well as carry out DoS over the upper-level controller. This paper proposes a dynamic defense method based on Client-Puzzle model, in which the controller achieves dynamic management over requests from forwarding devices through generating questions with multi-level difficulty. This method can rapidly reduce network load, and at the same time separate attack flow from legal flow, enabling the controller to provide continuous service for legal visit. We conduct experiments on open-source SDN controllers like Fluid and Ryu, the result of which verifies feasibility of this defense method. The experimental result also shows that when cost of controller and forwarding device increases by about 2%-5%, the cost of attacker's CPU increases by near 90%, which greatly raises the attack difficulty for attackers.

SOCMTD: Selecting Optimal Countermeasure for Moving Target Defense Using Dynamic Game

  • Hu, Hao;Liu, Jing;Tan, Jinglei;Liu, Jiang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제14권10호
    • /
    • pp.4157-4175
    • /
    • 2020
  • Moving target defense, as a 'game-changing' security technique for network warfare, realizes proactive defense by increasing network dynamics, uncertainty and redundancy. How to select the best countermeasure from the candidate countermeasures to maximize defense payoff becomes one of the core issues. In order to improve the dynamic analysis for existing decision-making, a novel approach of selecting the optimal countermeasure using game theory is proposed. Based on the signal game theory, a multi-stage adversary model for dynamic defense is established. Afterwards, the payoffs of candidate attack-defense strategies are quantified from the viewpoint of attack surface transfer. Then the perfect Bayesian equilibrium is calculated. The inference of attacker type is presented through signal reception and recognition. Finally the countermeasure for selecting optimal defense strategy is designed on the tradeoff between defense cost and benefit for dynamic network. A case study of attack-defense confrontation in small-scale LAN shows that the proposed approach is correct and efficient.

ANALOG COMPUTING FOR A NEW NUCLEAR REACTOR DYNAMIC MODEL BASED ON A TIME-DEPENDENT SECOND ORDER FORM OF THE NEUTRON TRANSPORT EQUATION

  • Pirouzmand, Ahmad;Hadad, Kamal;Suh, Kune Y.
    • Nuclear Engineering and Technology
    • /
    • 제43권3호
    • /
    • pp.243-256
    • /
    • 2011
  • This paper considers the concept of analog computing based on a cellular neural network (CNN) paradigm to simulate nuclear reactor dynamics using a time-dependent second order form of the neutron transport equation. Instead of solving nuclear reactor dynamic equations numerically, which is time-consuming and suffers from such weaknesses as vulnerability to transient phenomena, accumulation of round-off errors and floating-point overflows, use is made of a new method based on a cellular neural network. The state-of-the-art shows the CNN as being an alternative solution to the conventional numerical computation method. Indeed CNN is an analog computing paradigm that performs ultra-fast calculations and provides accurate results. In this study use is made of the CNN model to simulate the space-time response of scalar flux distribution in steady state and transient conditions. The CNN model also is used to simulate step perturbation in the core. The accuracy and capability of the CNN model are examined in 2D Cartesian geometry for two fixed source problems, a mini-BWR assembly, and a TWIGL Seed/Blanket problem. We also use the CNN model concurrently for a typical small PWR assembly to simulate the effect of temperature feedback, poisons, and control rods on the scalar flux distribution.

웹 서비스 기반의 USN 응용 개발을 위한 응용서비스 모델 및 플랫폼에 관한 연구 (A Study on the Application Service Model and Platform for Web Services Based on USN Application Developments)

  • 김창수;조극양;정회경
    • 한국정보통신학회:학술대회논문집
    • /
    • 한국해양정보통신학회 2010년도 추계학술대회
    • /
    • pp.485-488
    • /
    • 2010
  • 최근 인터넷의 보급 및 컴퓨터 네트워크 기술의 발전과 더불어 차세대 컴퓨팅 패러다임으로 불리는 유비쿼터스 컴퓨팅(Ubiquitous Computing)을 실현하기 위한 연구가 활발히 진행되고 있다. 이는 컴퓨터 네트워크와 인터넷을 기반으로 하여 시공간의 제약에 구애 받지 않고 인간을 중심으로 한 서비스를 수행하는 기준이 될 것이다. 유비쿼터스 컴퓨팅을 위한 핵심 기술로서 USN(Ubiquitous Sensor Network)이 제시되고 있다. 이에 본 논문에서는, 센서 정보를 표준화된 형태로 서술하기 위한 정보 서술 표준과 USN 센서 서비스에 대한 디렉토리 서비스 프로토콜 응용 표준에 대해 연구하였다.

  • PDF

Intelligent Android Malware Detection Using Radial Basis Function Networks and Permission Features

  • Abdulrahman, Ammar;Hashem, Khalid;Adnan, Gaze;Ali, Waleed
    • International Journal of Computer Science & Network Security
    • /
    • 제21권6호
    • /
    • pp.286-293
    • /
    • 2021
  • Recently, the quick development rate of apps in the Android platform has led to an accelerated increment in creating malware applications by cyber attackers. Numerous Android malware detection tools have utilized conventional signature-based approaches to detect malware apps. However, these conventional strategies can't identify the latest apps on whether applications are malware or not. Many new malware apps are periodically discovered but not all malware Apps can be accurately detected. Hence, there is a need to propose intelligent approaches that are able to detect the newly developed Android malware applications. In this study, Radial Basis Function (RBF) networks are trained using known Android applications and then used to detect the latest and new Android malware applications. Initially, the optimal permission features of Android apps are selected using Information Gain Ratio (IGR). Appropriately, the features selected by IGR are utilized to train the RBF networks in order to detect effectively the new Android malware apps. The empirical results showed that RBF achieved the best detection accuracy (97.20%) among other common machine learning techniques. Furthermore, RBF accomplished the best detection results in most of the other measures.