Detecting and mitigating HX-DoS attacks against cloud web services

Cyber-Physical Systems allow for the interaction of the cyber world and physical worlds using as a central service called Cloud Web Services. Cloud Web Services can sit well within three models of Cyber- Physical Systems, Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a- Service (IaaS). With any Cyber-Physical system use Cloud Web Services it inherits a security problem, the HX-DoS attack. HX-DoS attack is a combination of HTTP and XML messages that are intentionally sent to flood and destroy the communication channel of the cloud service provider. The relevance of this research is that TCP/IP flood attacks are a common problem and a lot of research to mitigate them has previously been discussed. But HTTP denial of service and XML denial of service problem has only been addressed in a few papers. In this paper, we get closer to closing this gap on this problem with our new defence system called Pre- Decision, Advance Decision, Learning System (ENDER). In our previous experiments using our Cloud Protector, we were successful at detecting and mitigate 91% with a 9% false positive of HX-DoS attack traffic. In this paper, ENDER was able to improve upon this result by being trained and tested on the same data, but with a greater result of 99% detection and 1% false positive.

Sensor-cloud computing : novel applications and research problems

Recent developments in sensor networks and cloud computing saw the emergence of a new platform called sensor-clouds. While the proposition of such a platform is to virtualise the management of physical sensor devices, we are seeing novel applications been created based on a new class of social sensors. Social sensors are effectively a human-device combination that sends torrent of data as a result of social interactions and social events. The data generated appear in different formats such as photographs, videos and short text messages. Unlike other sensor devices, social sensors operate on the control of individuals via their mobile devices such as a phone or a laptop. And unlike other sensors that generate data at a constant rate or format, social sensors generate data that are spurious and varied, often in response to events as individual as a dinner outing, or a news announcement of interests to the public. This collective presence of social data creates opportunities for novel applications never experienced before. This paper discusses such applications as a result of utilising social sensors within a sensor-cloud environment. Consequently, the associated research problems are also presented.

Physics practicals for distance education in an undergraduate engineering course

BACKGROUND : Providing engineering practicals to undergraduates by means of distance education is a significant challenge. The past 30 years have seen the rapid development of the distance education. For many years, Deakin University has offered a full Bachelor of Engineering degree programme via distance education. All first-year students study a unit in physics. This unit includes practicals. Providing practical experiences to students is distance education’s greatest challenge.

PURPOSE : The purpose of this work was to develop the means for off-campus students to complete practical exercises in first-year engineering physics. The solution to the problem also had to comply with accreditation requirements set by Engineers Australia.

METHOD : The long-term solution to the problem was running on-campus lab classes either on weekends or as part of the annual first-year residential school for engineering professional practice. Students work was assessed by means of standard laboratory reports. On-campus marks and off-campus lab marks have been collected and compared over the past 12 years.

RESULTS : The results indicate that the off-campus lab experience is similar to the on-campus experience. Marks for the two cohorts were comparable. Those few students who completed their pracs at home faced and overcame significant challenges.

CONCLUSIONS : We found that performance in their lab reports for off-campus students was similar to that of the on-campus students. Accreditation requirements has shifted the focus from developing activities that students could perform at home to offering timely and efficient on-campus lab classes for off-campus students. Future work will focus on on-campus lab classes in accordance with accreditation requirements and perhaps on-line broadcasts of prac classes for those students who cannot attend lab on-campus.

Hybrid cloud resource provisioning policy in the presence of resource failures

Resource provisiomng is an important and challenging problem in the large-scale distributed systems such as Cloud computing environments. Resource management issues such as Quality of Service (QoS) further exacerbate the resource provisioning problem. Furthermore, with the increasing functionality and complexity of Cloud computing, resource failures are inevitable. Therefore, the question we address in this paper is how to provision resources to applications in the presence of resource failures in a hybrid Cloud computing environment. To this end, we propose three Cloud resource provisioning policies where we utilize workflow applications to drive the system workload. The proposed strategies take into account the workload model and the failure correlations to redirect requests to appropriate Cloud providers. Using real failure traces and workload models, we evaluated the performance and monetary cost of the proposed policies. The results of our experiments show that we can decrease the deadline violation rate of users' requests to as low as 20% with a limited cost on Amazon public Cloud.

Enhancement of user level controls in cloud databases

Industries in developed countries are moving quickly to ensure the rapid adoption of cloud computing. At this stage, several outstanding issues exist, particularly related to Service Level Agreements (SLAs), security and privacy. Consumers and businesses are willing to use cloud computing only if they can trust that their data will remain private and secure. Our review of research literature indicates the level of control that a user has on their data is directly correlated to the level of data privacy provided by the cloud service. We considered several privacy factors from the industry perspective, namely data loss, data storage location being unknown to the client, vendor lock-in, unauthorized secondary use of user's data for advertising, targeting secured backup and easy restoration. The level of user control in database models were identified according to the level of existence in these privacy factors. Finally, we focused on a novel logical model that might help to bring the level of user control of privacy in cloud databases into a higher level.

Microsoft and Amazon : a comparison of approaches to cloud security

Research has shown that data security has always been an important aspect of quality of service for data service providers; but cloud computing poses new and challenging security threats. The most common security concerns for users of cloud storage are data confidentiality, integrity and availability. Microsoft has considered these concerns and responded with the Azure virtual private storage based on Searchable Encryption. Amazon has also responded to these security issues with its Amazon Web Services. In this paper, we investigate and compare in depth the features of Microsoft Azure and Amazon Web Services deemed to provide security with a particular focus on confidentiality, integrity and availability of data.