A Secrecy Emission of Decision Based Approach for
advertisement
International Journal of Engineering Trends and Technology (IJETT) – Volume 19 Number 1 – Jan 2015 A Secrecy Emission of Decision Based Approach for Finding Intermediate Datasets Over cloud 1 Shaik Imran Hussin, 2L.Prasanna Kumar, 3Amarendra Kothalanka 1 2 3 M.Tech Student, Associate Professor, Head of the department 1, 2, 3 Department of Computer Science & Engineering, Dadi Institute of Engineering & Technology, Anakapalle-531002, A.P., India Abstract:In this paper we are proposing an efficient privacy preserving cost effective mechanism through classification and cryptographic approach, when sharing of resources like data in cloud,it should provide security while storing data and privacy over data. In this paper we are using ID3algorithm for classification of intermediate data set and store into cloud. Before storing the data into cloud the data owner should encrypt the data by using cryptographic algorithm i.eTriple DES technique. If any user required toretrieve data from the cloud ,it can be decryptedwith same key and it can reduces time complexity and it is cost effective. I. INTRODUCTION IT Security personnel and network help staff tasked with overseeing vast networks are routinely conflicting with distinguishing and taking care of the most widely recognized issues an extensive network postures. Commonplace causes that can be distinguished and treated, on the other hand, for the most part can be categorized as One of the accompanying three classifications: -Performance Degradation Host Identification -Security Issues Performance Degradation Performance Degradation: It alludes to issues including loss of velocity and information respectability because of poor transmissions. While each network is inclined to execution issues, expansive networks are particularly powerless because of the extra separation, endpoints, and extra gear at midpoints. Answers for execution degradation are not unpleasantly troublesome. The main step is to buy the best quality machine networking equipment one can manage. All different arrangements expand upon a robust establishment of great network fittings. All things considered, network execution is just in the same class as the parts of which it is made. Albeit quality matters, for this situation amount can likewise be an issue. Networks without enough switches, switches, space controllers, and so forth is equivalent to pumping water from a metropolitan well with a straw. Starting with sufficient, quality fittings is a phenomenal begin, yet that still is insufficient. Equipment is futile without fitting setup. ISSN: 2231-5381 Host Detection: Legitimate setup is additionally crucial to keeping up fitting host ID. Pretty much as the mail station can't convey messages without some manifestation of tending to, not one or the other can machine networking fittings. While little networks can undoubtedly be arranged with manual tending to, this gets to be totally illogical in extensive networks. DHCP servers, space controllers, and their imperative tending to programming and conventions are an unquestionable requirement regarding making and keeping up a substantial, versatile network. Top execution and legitimate host recognizable proof are barely advantageous on a network that has been ruptured by programmers. It is for this very motivation behind why securing one's network is just as imperative. Security situations: Network security issues include keeping up network honesty, keeping unapproved clients from penetrating the framework (survey/taking touchy information, passwords, and so on.), and ensuring the network disavowal of administration assaults. These issues are enormously amplified as networks increments in size. Bigger networks are more helpless to assault on the grounds that they offer more powerless focuses at which interlopers can get access. More clients, more passwords, and more fittings mean more places a programmer can attempt to get in. Resistance against these issues incorporate utilizing firewalls and intermediaries, introducing solid antivirus programming, conveying strict secret key strategies, making utilization of network examination programming, physically securing machine networking resources, and conjuring techniques that compartmentalize an extensive network with interior limits. These three issues, as extensively incorporating as they may be, can be overpowering for little to average sized business to handle all alone. II. RELATED WORK An intrusion detection system (IDS) is programming that robotizes the intrusion detection process. An intrusion prevention system (IPS) is programming that has all the capacities of an intrusion detection system furthermore can likewise endeavor to stop conceivable occurrences. This segment gives a diagram of IDS and IPS advances as an establishment for whatever is left of the distribution. It first clarifies how IDS and IPS advances can be utilized. Next, http://www.ijettjournal.org Page 4 International Journal of Engineering Trends and Technology (IJETT) – Volume 19 Number 1 – Jan 2015 it portrays the key capacities that IDS and IPS innovations perform and the detection procedures that they utilization. At last, it gives an outline of the real classes of IDS furthermore IPS innovations. IDS and IPS advances offer a significant number of the same abilities, and chairmen can typically debilitate prevention offers in IPS items, making them work as IDSs. As needs be, for curtness the term intrusion detection and prevention systems (IDPS) is utilized all through whatever is left of this manual for allude to both IDS and IPS technologies. IDPSs are fundamentally centered on distinguishing conceivable occurrences. For instance, an IDPS could distinguish when an aggressor has effectively bargained a system by abusing helplessness in the system. The IDPS could then report the occurrence to security heads, who could rapidly launch episode reaction activities to minimize the harm brought about by the incident. The IDPS could likewise log data that could be utilized by the occurrence handlers. Numerous IDPSs can likewise be arranged to perceive infringement of security approaches. For instance, a few IDPS s can be designed with firewall rule set-like settings, permitting them to recognize network movement that abuses the association's security or worthy utilization arrangements. Additionally, some IDPSs can screen record exchanges and distinguish ones that may be suspicious, for example, replicating a substantial database onto a client's smart phone. Numerous IDPSs can likewise distinguish surveillance action, which may show that an assault is impending. For instance, some assault devices and types of malware, especially worms, perform surveillance exercises, for example, have and port sweeps to recognize focuses for consequent assaults. An IDPS may have the capacity to square surveillance and advise security chairmen, who can take activities if necessary to change other security controls to counteract related episodes. Since observation movement is so visit on the Web, surveillance detection is frequently performed essentially on ensured inside networks. Anomaly detection is the procedure of looking at meanings of what action is viewed as ordinary against watched occasions to recognize huge deviations. IDPS utilizing aberrance based detection has profiles that speakto the typical conduct of such things as clients, hosts, network associations, or applications. The profiles are created by observing the attributes of run of the mill movement over a period of time. Case in point, a profile for a network may ISSN: 2231-5381 demonstrate that Web movement involves a normal of 13% of network data transfer capacity at the Internet fringe amid normal workday hours. The IDPS then uses measurable routines to contrast the attributes of current movement with edges identified with the profile, for example, recognizing when Web action includes altogether more data transfer capacity than anticipated and alarming an executive of the irregularity. Profiles can be produced for some behavioral qualities, for example, the number of messages sent by a client, the quantity of fizzled login endeavors for a host, and the level of processor use for a host in a given time of time. III. PROPOSED SYSTEM Cloud provides data storage as service and one of the efficient resource area. We are proposing an efficient cost effective system by storing the intermediate sets instead of entire data sets in to cloud. End users can request the resources like on demand services,here we can reduces the space complexity by eliminating the unnecessary data and reduces time complexity because time taken to encrypt the raw dataset is less than he intermediate dataset and data confidentiality can be maintained through Triple DES algorithm. Data Owner Let us consider the database as a training dataset and testing dataset. Training dataset is a raw data on which testing dataset is passed an input and generates decision tree for ID3 algorithm classification of the data over these dataset has been obtained. Classified results are known as intermediate dataset. Comparing the training and testing dataset Cloud Service It is a service provided for the user and data owner to get access the data, data owner gets the intermediate dataset from training dataset and testing dataset using the id3 algorithm and stores the data in cloud and then the user gets the data from the cloud which is stored by the data ownerwhich is encrypted . The user decrypts the data received from the cloud. Though the cloud provide the data many number of users can get access the same data by getting the authentication. Users User logged in, to get the data from the cloud inspite of number of users can get the same data by the user authentication technique by using the Triple DES. http://www.ijettjournal.org Page 5 International Journal of Engineering Trends and Technology (IJETT) – Volume 19 Number 1 – Jan 2015 Read Dataset User1 Data Owner User2 Intermediate dataset Dataset User3 Decrypts the data Decrypts the data 3 Decrypts the data Cloud Service Encrypted Data ID3 Classification algorithm: 1) Establish Classification Attribute 2) Compute Classification Entropy. 3) For every attribute in R set, compute Information Gain using classification attribute. 4) Choose Attribute with the highest information gain to be the next Node in the tree (starting from the main root node). 5) Eliminate or remove Node Attribute, creating reduced table RS set. 6) Repeat steps 3 to 5 until all attributes have been used or the same classification value remains for all rows in the reduced table. ID3 builds a decision tree from a fixed set of examples and the resulting tree is used to classify future samples and the example has several attributes and belongs to a class (like yes or no) and the leaf nodes of the decision tree contain the class name whereas a non-leaf node is a decision node and the decision node is an attribute test with each branch (to another decision tree) being a possible value of the attribute and ID3 uses information gain to help it decide which attribute goes into a decision node and the advantage of learning a decision tree is that a program rather than a knowledge engineer that elicits knowledge from a final expert. ISSN: 2231-5381 Gain measures how well a given attribute separates training examples into targeted classes. The only one with the highest information (information being the most useful for classification) is selected to define gain, we first borrow an idea from information theory called entropy and Entropy measures the amount of information in an attribute. Triple DES algorithm: Triple DES is the common name for the Triple Data Encryption Algorithm (TDEA) block cipher. It is so named because it applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. Triple DES provides a relatively simple method of increasing the key size of DES to protect against brute force attacks, without requiring a completely new block cipher algorithm. The standards define three keying options: • Keying option 1: All three keys are independent. • Keying option 2: K1 and K2 are independent, and K3 = K1. http://www.ijettjournal.org Page 6 International Journal of Engineering Trends and Technology (IJETT) – Volume 19 Number 1 – Jan 2015 • Keying option 3: All three keys are identical, i.e. K1 = K2 = K3. Keying option 1 is the strongest, with 3 x 56 = 168 independent key bits. Keying option 2 provides less security, with 2 x 56 = 112 key bits. This option is stronger than simply DES encrypting twice, e.g. with K1 and K2, because it protects against meet-in-the-middle attacks. Keying option 3 is no better than DES, with only 56 key bits. This option provides backward compatibility with DES, because the first and second DES operations simply cancel out. It is no longer recommended by the National Institute of Standards and Technology (NIST) and not supported by ISO/IEC 18033-3. In general Triple DES with three independent keys (keying option 1) has a key length of 168 bits (three 56-bit DES keys), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. Keying option 2, reduces the key size to 112 bits. However, this option is susceptible to certain chosen-plaintext or knownplaintext attacks and thus it is designated by NIST to have only 80 bits of security. IV. CONCLUSION [5] Cloud Security Front and Center. Forrester Research. 200911-18.http://blogs.forrester.com/srm/2009/11/cloud-securityfront-andcenter.html [6] Cloud Security http://www.cloudsecurityalliance.org. Alliance. [7] Cloud Security Alliance, Security Guidance for Critical Areas of Focusin Cloud Computing, V2.1, http://www.clouds ecurityalliance.org/guidance/csaguide.v2.1.pdf. [8] S. Subashini, V.Kavitha. A survey on security issues in service deliverymodels of cloud computing. Journal of Network and ComputerApplications 34(2011)1-11. [9] Mohamed Al Morsy, John Grundy, Ingo Müller, “An Analysis of TheCloud Computing Security Problem,” in Proceedings of APSEC 2010Cloud Workshop, Sydney, Australia, 30th Nov 2010. [10] Yanpei Chen, Vern Paxson, Randy H. Katz, “What's New About CloudComputing Security?” Technical Report No.UCB/EECS-2010-5. http://www.eecs.berkeley.edu/Pubs/TechRpts/2010/EECS-20105.html BIOGRAPHIES The storage of data in the cloud places an important role for the purpose and to maintain security of data. Another problem for facing in the cloud computing is the authentication of users. In this paper we are using ID3 algorithm for classification of data and obtain the intermediate dataset. In this we are using another technique for generation of secret key for the encryption and decryption of transmitted data.. The encryption and decryption of transmitted data we are using Triple DES algorithm. After performing encryption of data stored into cloud in the form encrypted format. By providing those technique we are provide more security and efficiency for transferring data. REFERENCES [1] Peter Mell, and Tim Grance, “The NIST Definition of Cloud Computing,” Version 15, 10-7-09, http://www.wheresmyserver.co.nz/ storage/media/faq-files/clouddef-v15.pdf. [2] Sun Cloud Architecture Introduction White Paper (in Chinese).http://developers.sun.com.cn/blog/functionalca/resource/ sun_353cloudc omputing_chinese.pdf. [3] Cloud computing security, http://en.wikipedia.org/wiki/Cloud computing_security. ISSN: 2231-5381 [4] Gartner: Seven cloud-computing security risks. InfoWorld.2008-07-02.http://www.infoworld.com/d/securitycentral/gartner-seven-cloudcomputing-security-risks-853. Shaik Imran Hussin is a student in M.Tech (cse) in Dadi Institute of Engineering& Technology,Anakapalli .He received his B.Tech(cse) from Al-Ameer College of Engineering & Information Technology, Visakhapatnam His intresting areas are Cloud computing ,Dotnet and Data mining L.Prasanna Kumar received the M.Tech. degree in Computer Science& Technology. He is an AssociateProfessor in the Department of Computer Science &Engineering,DadiInstitute of Engineering&Technology, Anakapalle. His intresting areas of research are Datamining and cloud computing. http://www.ijettjournal.org Page 7
