Top

Published in:

2019 | OriginalPaper | Chapter

3. Detecting and Preventing File Alterations in the Cloud Using a Distributed Collaborative Approach

Authors : José Antonio Cárdenas-Haro, Maurice Dawson Jr.

Published in: 16th International Conference on Information Technology-New Generations (ITNG 2019)

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Cloud Computing is the new trend and this brings new issues and challenges in cyber security since a lot of the data from companies and users is available through the Internet. It is not only about the data but also about the applications that run in the Cloud that could be compromised affecting the service to thousands or millions of users, which may also have their local systems under siege through the exploitation of the security flaws in the Cloud. We propose here an algorithm that can detect unauthorized modifications to any of the files that are kept under custody. It is a collaborative systems where a set of nodes participate to gain also reputation points. This is a light algorithm that requires a time complexity of only O(n) times hashings in total. In our algorithm is implemented a technique to avoid the Hash Value Manipulation Attack that is one kind of Man-in-the-middle attack used to replace hash values. Any unauthorized modification of a file is detected and reported without the need of a third party auditor, which is another advantage.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Password Security in Organizations: User Attitudes and Behaviors Regarding Password Strength

next chapter Comparing Black Ridge Transport Access Control (TAC), Brain Waves Authentication Technology and Secure Sockets Layer Visibility Appliance (SSL-VA)

Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 07, pp. 598–609. ACM (2007)

Ateniese, G., Di Pietro, R., Mancini, L., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, p. 110. ACM (2008)

BBC News: Russian man charged over ‘massive’ US hack attacks. 10 Sept 2018

Bowers, K., Juels, A., Oprea, A.: Proofs of retrievability: theory and implementation. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pp. 43–54. ACM (2009)

Bump, P.: Timeline: how Russian agents allegedly hacked the DNC and Clinton’s campaign. The Washington Post. 13 July 2018

Cárdenas-Haro, J.A., Konjevod, G.: Detecting Sybil nodes in static and dynamic networks. In: Meersman, R., Dillon, T., Herrero, P. (eds.) On the Move to Meaningful Internet Systems, OTM 2010. OTM 2010. Lecture Notes in Computer Science, vol. 6427. Springer, Berlin/Heidelberg

Crosby, M., et al.: Blockchain technology: beyond bitcoin. scet.berkeley.edu Applied Innovation Review; Issue No. 2, June 2016

Eranna, M., Muarali Krishna, S.: Ensuring the integrity of data storage security in cloud computing. Int. J. Comput. Appl. 4(2) (2012). ISSN:2250-1797

Erway, C., Küpkü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 213–222. ACM (2009)

10.

Fellman, P.V.: The nash equilibrium revisited: chaos and complexity hidden in simplicity. In: Minai, A.A., Braha, D., Bar-Yam, Y. (eds.) Unifying Themes in Complex Systems, Chap. 13, pp. 105–112. Springer, Berlin/Heidelberg (2011)CrossRef

11.

Hamlen, K., Kantarcioglu, M., Khan, L., Thuraisingham, B.: Security issues for cloud computing. Int. J. Inf. Secur. Priv. 4(2), 39–51 (2010)CrossRef

12.

Juels, A., Kaliski, B., Jr.: PORs: proofs of retrievability for large files. Future Internet 8(3), 1–16. 16p. (2016). In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 584–597. ACM (2007)

13.

Kreps, D.M.: Nash equilibrium. In: Game Theory, pp. 167–177. Palgrave Macmillan, London (1989)

14.

Moreno, J., Serrano, M.A., Fernndez-Medina, E.: Main issues in big data security. Future Internet 8(3), 1–16 16p. (2016)

15.

Mulazzani, M., Schrittwieser, S., Leithner, M., Huber, M., Weippl, E.: Dark clouds on the horizon: using cloud storage as attack vector and online slack space. In: Proceedings of the 20th USENIX Conference on Security; SEC’11, San Francisco, CA. USENIX Association, Berkeley

16.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. academia.edu (2009)

17.

Padhy, R.P., Patra, M.R., Satapathy, S.C.: Cloud computing: security issues and research challenges. IRACST – Int. J. Comput. Sci. Inf. Technol. Secur. (IJCSITS) 1(2), 136–146 (2011)

18.

Sharma, S., Chugh, A.: Survey paper on cloud storage security. Int. J. Innov. Res. Comput. Commun. Eng. 1(2), 208–213 (2013)

19.

Wang, S.-H., Chen, D.-W., Wang, Z.-W., Chang, S.-Q.: Public auditing for ensuring cloud data storage security with zero knowledge privacy. College of Computer, Nanjing University of Posts and Telecommunications, China (2009)

20.

Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of the 14th European Conference on Research in Computer Security, ESORICS’09. Springer (2009)

21.

Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings of IWQoS09 (2009)

22.

Xu, C., He, X., Abraha-Weldemariam, D.: Cryptanalysis of Wang’s auditing protocol for data storage security in cloud computing. In: Information Computing and Applications. ICICA 2012. Communications in Computer and Information Science, vol. 308. Springer, Berlin/Heidelberg

Title: Detecting and Preventing File Alterations in the Cloud Using a Distributed Collaborative Approach
Authors: José Antonio Cárdenas-Haro
Maurice Dawson Jr.
Publisher: Springer International Publishing
Book: 16th International Conference on Information Technology-New Generations (ITNG 2019)
Print ISBN: 978-3-030-14069-4

Electronic ISBN: 978-3-030-14070-0

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-14070-0_3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner