Classification of Transitional Data Sets for Secrecy Conserving over Cloud

advertisement

International Journal of Engineering Trends and Technology (IJETT) – Volume 16 Number 7 – Oct 2014

Classification of Transitional Data Sets for Secrecy

Conserving over Cloud

Hemanth Kumar Mamidi

1

, JayanthiRao Madina

2

Final M.Tech Student

1

, Head of the department

2

1,2

Dept of Information Technology, Sarada Institute of Science, Technology And Management(SISTAM), Srikakulam, Andhra

Pradesh

Abstract: In this paper we are proposing an efficient privacy preserving cost effective mechanism through classification and cryptographic approach. When a sharing of resources like data in cloud,should provide security and privacy over data, also provide to store the required data into the cloud.

In this paper we are using ID3algorithm for classification of intermediate data set and store into cloud. Before storing the data into cloud the data owner should encrypt the data by using cryptographic algorithm Triple DES technique. If any user required toretrieve data from the cloud ,it can be decryptedwith same key and it can reduces time complexity and it is cost effective.

I. INTRODUCTION

By increasing of the usage of the data in cloud there are so many security issues raising in network. There are so many security threats in cloud we will some of them here. In network level security there is major issue is differentiation between public loud and private cloud.

There is no other attacks are possible issuing privileges to access the cloud environments. The major problem of these clouds is network layer attacks such as man in the middle attacks and impersonation attacks.[1,2]

Next one is issuing particular access control may effects the cloud services. There is mainly problem with IP

Address and port number of the connection. Manipulating

If any existing users are not there for new users it will assign new IP Address. It takes some time to process and generate new IP address. It time delay may occur for manipulating the physical address of the DNS Cache.

Other one is confidentiality and integrity of the user data. Each and every customer data in public cloud are affected to internet. Each customer data in the public cloud environment are exposed to internet, create the significant risk in ensuring the confidentiality and integrity of their data. According to the Amazon web services security vulnerability report, the AWS signature version 1 proven as insecure and the customers are requested to switch to

AWS signature version 2 or switch to HTTPS would mitigate the integrity risk[4,8].

Attackers and target machine are resides on the same subnet in Non-Blind spoofing. The attacker sniffs the existing transmission in order to understand the sequence\acknowledge cycle between target machine and other host. Once the sequence number known, the attacker can hijack the session and easily bypass the authentication mechanism. The attacker resides outside the target machine in blind spoofing attack and sends the multiple packets to the target in order to understand sequence number order.

In host level security[9,10] the attacks mostly effects the infrastructure and it affiliates itself to the cloud computing systems. The challenges are mainly based on abstraction of content of deploying models and hosting methods and schemes.In cloud services threats are in deploying level which is related to virtual machine and access control in public cloud environments.

In parameter security issue the cloud computing methods and models the security is virtual environments and it is very complex the general network because of virtual servers that may present in firewall. If the parameter is also included in attacker parameter inside the malicious system leads high level of damage of the authorized users systems. This approach generates a parameter to provisioning of the privileges.

Coming to virtual machine security issues the customer have full control over the virtual agent. It is recommended to run only the necessary services and turn off the unused services that are not required. Some more security threats like capture user accounts that are not properly protected with strong password, attack the systems that are not properly protected by host firewalls and deploy Trojan embedded in the VM software component or within the VM image itself.[4] Cloud service provider must ensure that the strong operational security procedures are followed to secure the virtual machine from these threats.

II. RELATED WORK

Now a days to store data and retrieve data cloud computing is used as a best source and mostly used it. As the data outsourcing has been drastically increased for its flexible of the work done with less effort and more efficient for the strategic management of the corporate data.It acts as a base technology behindmany online services for personal applications by this way we can increase of storing data every day for the user of cloud computing and also it provide security to the data over cloud. In this paper we propose the technique to provide authentication of users and security of data.[3,7]

ISSN: 2231-5381 http://www.ijettjournal.org

Page 339

International Journal of Engineering Trends and Technology (IJETT) – Volume 16 Number 7 – Oct 2014

III. PROPOSED SYSTEM There are some issues to consider the privacy breaches in cloud computing such as Storage that is identifying the users who are stored their data and located data that is hidden from the public users. Users complex information mat send to some other places without knowledge about the destination places.

Coming to destruction it is happens after the retention phase the user personal information must be destroyed from the provider storage. If multiple copies are maintained to issue the availability of the data that is replicated data in the server. The main concept is maintaining the requirements to issue all the requirements perform correctly.

Cloud provides data storage as service and one of the efficient resource area. We are proposing an efficient cost effective system by storing the intermediate sets instead of entire data sets in to cloud. End users can request the resources like on demand services,here we can reduces the space complexity by eliminating the unnecessary data and reduces time complexity because time taken to encrypt the raw dataset is less than he intermediate dataset and data confidentiality can be maintained through Triple DES algorithm.

Data Owner moved to cloud, the question arises that how long that resides in the cloud, what type retention policy is used to manage that data and who implement this policy in the cloud.

In retention stage the users sensitive data once

Let us consider the database as a training dataset and testing dataset. Training dataset is a raw data on which testing dataset is passed an input and generates decision tree for ID3 algorithm classification of the data over these dataset has been obtained. Classified resultsare known as intermediate dataset. Comparing the training and testing dataset In Auditing and monitoring the organization needs to monitor the cloud service provider activities in order to provide the guarantee to their stakeholder that the privacy requirement is not violated when their personal information is in cloud. Regularly the cloud provider activities should be audited to assure the user personal information is not leaked.[4,6]

In Data breaches If the user data breach occurs in cloud, how they get notified about the breach and who is responsible for breach notification. In case if the cloud provider neglect to undertake that responsibility, how could be determined who is at fault. These all the major privacy concern that the consumer can thing about it before moving to cloud. The consumer should read the terms of services and privacy policy thoroughly before they put their sensitive data to cloud and they should try to avoid placing the information that should be hidden from private litigate.[10]

Cloud Service

It is a service provided for the user and data owner to get access the data, data owner gets the intermediate dataset from training dataset and testing dataset using the id3 algorithm and stores the data in cloud and then the user gets the data from the cloud which is stored by the data ownerwhich is encrypted . The user decrypts the data received from the cloud. Though the cloud provide the data many number of users can get access the same data by getting the authentication.

Users

User logged in, to get the data from the cloud inspite of number of users can get the same data by the user authentication technique by using the Triple DES.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 340

International Journal of Engineering Trends and Technology (IJETT) – Volume 16 Number 7 – Oct 2014

Read Dataset

Data Owner

Intermediate dataset

Dataset

User1

User2

Decrypts the data

Decrypts the data

User3

Decrypts the data

Cloud Service

Encrypted Data

ID3 Classification algorithm:

1) Establish Classification Attribute

2) Compute Classification Entropy.

3) For every attribute in R set, compute

Information Gain using classification attribute.

4) Choose Attribute with the highest information gain to be the next Node in the tree (starting from the main root node).

5) Eliminate or remove Node Attribute, creating reduced table R

S set.

6) Repeat steps 3 to 5 until all attributes have been used or the same classification value remains for all rows in the reduced table.

ID3 builds a decision tree from a fixed set of examples and the resulting tree is used to classify future samples and the example has several attributes and belongs to a class (like yes or no) and the leaf nodes of the decision tree contain the class name whereas a non-leaf node is a decision node and the decision node is an attribute test with each branch (to another decision tree) being a possible value of the attribute and ID3 uses information gain to help it decide which attribute goes into a decision node and the advantage of learning a decision tree is that a program rather than a knowledge engineer that elicits knowledge from a final expert.

Gain measures how well a given attribute separates training examples into targeted classes.

The only one with the highest information

(information being the most useful for classification) is selected to define gain, we first borrow an idea from information theory called entropy and Entropy measures the amount of information in an attribute.

Triple DES algorithm:

Triple DES is the common name for the Triple Data

Encryption Algorithm (TDEA) block cipher. It is so named because it applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. Triple DES

ISSN: 2231-5381 http://www.ijettjournal.org

Page 341

International Journal of Engineering Trends and Technology (IJETT) – Volume 16 Number 7 – Oct 2014 provides a relatively simple method of increasing the key size of DES to protect against brute force attacks, without requiring a completely new block cipher algorithm. technique we are provide more security and efficiency for transferring data.

REFERENCES

The standards define three keying options:

Keying option 1: All three keys are independent.

Keying option 2: K1 and K2 are independent, and

K3 = K1.

[1] Peter Mell, and Tim Grance, “The NIST Definition of

Cloud Computing,” Version 15, 10-7-09, http://www.wheresmyserver.co.nz/ files/cloud-def-v15.pdf. storage/media/faq-

• Keying option 3: All three keys are identical, i.e.

K1 = K2 = K3.

[2] Sun Cloud Architecture Introduction White Paper (in

Chinese).

http://developers.sun.com.cn/blog/functionalca/re source/sun_353cloudc omputing_chinese.pdf.

Keying option 1 is the strongest, with 3 x 56 = 168 independent key bits.

[3] Cloud computing security, http://en.wikipedia.org/wiki/Cloud computing_security.

Keying option 2 provides less security, with 2 x 56 = 112 key bits. This option is stronger than simply DES encrypting twice, e.g. with K1 and K2, because it protects against meet-in-the-middle attacks.

[4] Gartner: Seven cloud-computing security risks.

InfoWorld.2008-07-

02.

http://www.infoworld.com/d/security-central/gartnerseven-cloudcomputingsecurity-risks-853.

Keying option 3 is no better than DES, with only 56 key bits. This option provides backward compatibility with

DES, because the first and second DES operations simply cancel out. It is no longer recommended by the National

Institute of Standards and Technology (NIST) and not supported by ISO/IEC 18033-3.

[5] Cloud Security Front and Center. Forrester Research.

2009-11-18.http://blogs.forrester.com/srm/2009/11/cloudsecurity-front-andcenter.html

[6] Cloud Security http://www.cloudsecurityalliance.org.

Alliance.

In general Triple DES with three independent keys (keying option 1) has a key length of 168 bits (three 56-bit DES keys), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. Keying option 2, reduces the key size to 112 bits. However, this option is susceptible to certain chosen-plaintext or knownplaintext attacks and thus it is designated by NIST to have only 80 bits of security.

IV. CONCLUSION

The storage of data in the cloud places an important role for the purpose and to maintain security of data. Another problem for facing in the cloud computing is the authentication of users. In this paper we are using ID3 algorithm for classification of data and obtain the intermediate dataset. In this we are using another technique for generation of secret key for the encryption and decryption of transmitted data.. The encryption and decryption of transmitted data we are using Triple DES algorithm. After performing encryption of data stored into cloud in the form encrypted format. By providing those

[7] Cloud Security Alliance, Security Guidance for Critical

Areas of http://www.clouds ecurityalliance.org/guidance/csaguide.v2.1.pdf. service deliverymodels of cloud computing. Journal of

Network and ComputerApplications 34(2011)1-11.

[9] Mohamed Al Morsy, John Grundy, Ingo Müller, “An

Analysis of TheCloud Computing Security Problem,” in

Proceedings of APSEC 2010Cloud Workshop, Sydney,

Australia, 30th Nov 2010.

[10] Yanpei Chen, Vern Paxson, Randy H. Katz, “What's

New About CloudComputing Security?” Technical Report

No.UCB/EECS-2010-5. http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-

2010-5.html

Focusin Cloud Computing, V2.1,

[8] S. Subashini, V.Kavitha. A survey on security issues in

ISSN: 2231-5381 http://www.ijettjournal.org

Page 342

International Journal of Engineering Trends and Technology (IJETT) – Volume 16 Number 7 – Oct 2014

BIOGRAPHIES hemanthkumarmamidi is a student in m.tech (se) in sistam college srikakulam

.he received his b.tech (cse) from sistam college srikakulam.his interesting areas are oracle data base and java.

JayanthiRaoMadina is working as a HOD in Sarada Institute of Science, Technology

And Management(SISTAM), Srikakulam,

Andhra Pradesh. He received his M.Tech

(CSE) from Aditya Institute of

Technology And Management(AITAM),

Tekkali. Andhra Pradesh. His research areas include Image Processing, Computer Networks, Data

Mining, Distributed Systems. He published six papers in international journals and he attended for three conferences.

ISSN: 2231-5381 http://www.ijettjournal.org

Page 343

Download