ENHANCED DYNAMIC PROTECTION SCHEME IN SAAS IN CLOUDS USING ANOMALY SOFTWARE AGENT SYSTEM

International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)

Abstract

SaaS cloud systems often host long-running applications like massive data processing, which provides more opportunities for attackers to exploit the system vulnerability and leak the information to misuse. In this paper we propose an enhanced Dynamic security scheme in SaaS in Clouds using Anomaly Software Agent system. The primary benefit of an Agent-based Information Leakage Detection system lies in the ability to modify and add detection capabilities, modularize those capabilities, and then conditionally employ such capabilities at the discretion of a central control mechanism (in our system, the Controller Agent). The use of mobile agents as described in this paper, and in general, reduces the per-host administrative complexity as once the initial agent environment is properly installed and configured; all further necessary actions are performed by the agents themselves. Additionally, mobile agents are able to provide unique reporting capabilities that, for the purposes of our research, may benefit the analysis of information leakage, protection and the underlying covert channels through which information has been leaked.

References

[1] J. Garay and L. Huelsbergen, “Software Integrity Protection Using Timed Executable gents,”Proc. Mar. 2006

[2] S. Berger et al., “TVDc: Managing Security in the Trusted Virtual Datacenter,” ACM IGOPS Operating Systems Rev., vol. 42, no. 1, pp. 40-47, 2008.

[3] T. Garfinkel et al., “Terra: A Virtual Machine-Based Platform for Trusted Computing,”Proc.19th ACM Symp. Operating Systems Principles (SOSP), Oct. 2003.

[4] A. Seshadri, M. Luk, E. Shi, A. Perrig, L. van Doorn, and P. Khosla,“Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems,” Proc. 20th ACM Symp.Oct. 2005.

[5] E. Shi, A. Perrig, and L.V. Doorn, “Bind: A Fine-Grained Attestation Service for Secure Distributed Systems,” Proc. IEEE Symp. Security and Privacy, 2005.

[6] The Trusted Computing Group website, https://www.trustedcomputinggroup.org, 2013.

[7] J.L. Griffin, T. Jaeger, R. Perez, and R. Sailer, “Trusted Virtual Domains: Toward Secure Distributed Services,” Proc. First Workshop Hot Topics in System Dependability, June 2005.

[8] L. Lamport, R. Shostak, and M. Pease, “The Byzantine Generals Problem,” ACM Trans.Programming Languages and Systems, vol. 4,no. 3, pp. 382-401, 1982.

[9] T. Ho et al., “Byzantine Modification Detection in Multicast Networks Using Randomized Network Coding,” Proc. IEEE Int’l Symp. Information Theory (ISIT), 2004.

[10] J.Du,W.Wei, X. Gu, and T. Yu, “Runtest: Assuring Integrity of Dataflow Processing in Cloud Computing Infrastructures,”ACM Symp. (ASIACCS), 2010.

[11] J. Du, N. Shah, and X. Gu, “Adaptive Data-Driven Service Integrity Attestation for Multi-Tenant Clo`ud Systems,” Proc. Int’l Workshop Quality of Service (IWQoS), 2011.

[12]R. Dugad, K. Ratakonda, and N. Ahuja, “A New Wavelet-based Scheme for Watermarking Images”. In Proceedings of the International Conference on Image Processing, vol. 2, pp. 419-423, Oct. 1998.

Keywords

Distributed Service, Data Privacy, Application Service Providers (ASPs), Anomaly Software Agent.