May 25, 2018 - This paper attempts to solve cloud security by using intelligent system with genetic ... for adoption of cloud computing services [9, 10, 19].
Journal of Physics: Conference Series
PAPER • OPEN ACCESS
Intelligent cloud computing security using genetic algorithm as a computational tools To cite this article: Mazin H Razuky AL- Shaikhly 2018 J. Phys.: Conf. Ser. 1003 012024
View the article online for updates and enhancements.
This content was downloaded from IP address 139.81.75.104 on 25/05/2018 at 02:01
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
Intelligent cloud computing security using genetic algorithm as a computational tools Mazin H Razuky AL- Shaikhly Baghdad College of Economic Sciences University
Abstract. An essential change had occurred in the field of Information Technology which represented with cloud computing, cloud giving virtual assets by means of web yet awesome difficulties in the field of information security and security assurance. Currently main problem with cloud computing is how to improve privacy and security for cloud "cloud is critical security" .This paper attempts to solve cloud security by using intelligent system with genetic algorithm as wall to provide cloud data secure, all services provided by cloud must detect who receive and register it to create list of users (trusted or un-trusted) depend on behavior .The execution of present proposal has shown great outcome.
Keywords. Cloud, cloud service, service seclude, genetic algorithm.
1. Introduction Currently one of the major topics of many information technology discussions is cloud computing and the key point in them is cloud computing security the main aim is relationship between system stability and security to improve security by using intelligent machine (genetic algorithm) as clear with section 2 cloud computing, section 3 intelligent system, section 4 experimental result and section 5 conclusion.
2. Cloud computing Cloud computing suppliers convey basic business applications online as administrations which are gotten to from another web administration or programming like a web browser, while the product and information are put away on server [1, 2]. 2.1 Cloud service and cloud deployment model type Cloud administrations conveyance demonstrate is ordinarily alluded to as a SPI and falls into three by and large acknowledged administrations is Saas, Paas and Iaas as show with Figure 1 [3, 17, 19].
Content from this work may be used under the terms of the Creative Commons Attribution 3.0 licence. Any further distribution of this work must maintain attribution to the author(s) and the title of the work, journal citation and DOI. Published under licence by IOP Publishing Ltd 1
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
Figure 1. Cloud services delivery model [17] The cloud services can be implemented in four deployment models: 1. Public Cloud: The cloud framework is influenced accessible to the overall population or extensive industry to gathering and is claimed by an association offering cloud administrations. 2. Private Cloud: The cloud foundation is worked completely for a solitary association. It might be overseen by the association or an outsider, and may exist on-premises or o-premises. 3. Community Cloud: The cloud framework is shared by a few associations and backings a specific group. It might be overseen by the associations or an outsider, and may exist onpremises or o_premises. 4. Hybrid Cloud: The cloud infrastructure is a composition of two or more clouds (private, community or public) that are bound together by standardized or proprietary technology that enables portability of data and application [1, 10, 19]. 2.2 Scheduler of cloud computing service Cloud computing administrations have developed in prevalence, the measure of information and assignments to be managed have additionally strongly expanded, requiring a great deal of framework assets and some of the time bringing about extreme asset waste . Aim to schedule these data and tasks more efficiently. In order to analyze the problem at a somewhat detailed level see Figure 2 (module for cloud task scheduling) [4, 5, 6, 18].
2
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
Figure 2. Module for cloud task scheduling [4]. Round-robin (RR) is one of the calculations utilizes by process and system schedulers in registering [7, 8]. As the term is by and large utilized, time cuts (otherwise called time quanta) [9]. Round-robin planning is basic, simple to actualize, and sans starvation. Round-robin planning can likewise be connected to other booking issues, for example, information bundle planning for PC systems. It is a working framework concept [10]. 2.3 security and stability relation between us It is well-known that cloud computing has many potential advantages and many enterprise applications and data are migrating to public or hybrid cloud. But regarding some business-critical applications, the organizations, especially large enterprises, still wouldn't move them to cloud. The market size the cloud computing shared is still far behind the one expected. From the consumers' perspective, cloud computing security concerns, especially data security and privacy protection issues, remain the primary inhibitor for adoption of cloud computing services [9, 10, 19]. Modern computer systems are plagued with stability and security problems: applications lose data, web servers are hacked, and systems crash under heavy load. Many of these problems arise from rare program behaviors. PH (process Homeostasis) is a Linux 2.2 kernel extension which detects unusual program behavior and responds by slowing down that behavior. Inspired by the homeostatic mechanisms organisms use to stabilize their internal environment, pH detects changes in program behavior by observing changes in short sequences of system calls. When pH determines that a process is behaving unusually, it responds by slowing down that process's system calls. If the anomaly corresponds to a security violation, delays often stop attacks before they can do damage. Delays also give users time to decide whether further actions are warranted [11, 12, 13] 2.4 Cloud computing security Expansion to returning to approaches for particular issues in securing shared registering, history shows us that creating security designs ahead of schedule in the process can pay off extraordinarily as frameworks advance and accumulate more divergent usefulness. Then again, the historical backdrop of business Internet offerings over and over demonstrates that opportunity to-advertise and undermining costs can extraordinarily influence clients even without sound security underpinnings. The circumstance might be fairly extraordinary this time around, in any case, given that quite a bit of distributed computing
3
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
targets clients who have broad business reasons (and scars from the past) driving them to regard security as a hoisted need. We close our dialog with what we observe to be a fascinating analogy. Companies, for example, National CSS started by offering moderate calculation for organizations. Time-sharing in the end offered approach to PCs, which conveyed reasonable calculation to the overall population. In a comparative design, distributed computing right now offers reasonable, substantial scale calculation for organizations. In the event that the monetary case wins, at that point we may find that nothing—not even security concerns—will keep distributed computing from turning into a shopper ware. Similarly as the item PC and the Internet achieved the Information Revolution, and made data all around available, moderate, and helpful, so too clouds figuring can possibly realize the Computation Revolution, in which substantial scale calculations turn out to be generally open, reasonable, and valuable. We should trust we can add to this result “and be reasonably safe [14, 15, 16, 19]. 3. Intelligent system This section explains the main item of the proposed algorithm that related with (scheduler of process and stability) as: 3.1 Introduction Attempted to design intelligent (secure /scheduler) system to improve system stability and security using genetic algorithm as tool. System is described with following sections. 3.2 Record coding Now explain the coding using in genetic algorithm and as main data for operate system: 1. Ip address 32 bit. 2. Service type (Saas m Iaas and Paas) with two bit as: 00 don't cure, 01 Saas, 10 Iaas and 11 Paas. 3. Trusted value 4 bit. 4. Block 1 bit. Table 1 illustrate the representing. Table 1. Coding representing 186:101:83:167 PAAS 186:142:116:120IAAS
10111010011001010101001110100111 11---wait test 5 bit 4,5 10111010100011100111010001111000 10---wait test 5 bit 4,5
3.3 Intelligent scheduler and security algorithm While traffic increased attack may be increasing because system inter to critical region (un-stability in system )and attempt to avoid latch process thus using slice time scheduler method for processing (with control on process select ).as shown in algorithm 1. Algorithm 1 main; Input (query list from different client) Output (demand service "true or false") 1-Start. 2- Create initial list.
4
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
3- While I/O channel on. 3.1 check stability depend on service. 3.2 check download depend on service. 3.3 if download balance error (inter with critical zoon) insert process with special. queue and rearrange process queue. 3.4 Start with service after check above depend on service. 3.5 update service queue. 3.6 update critical queue. Until service queue end, 4-indecte all critical process and random arrange for all without any contiguous same IP request. 5-Save update and flag all request. 6-end, Algorithm 2 check stability; Input (system resource (for supplies services), request list, current status, time) Output (demand service "true or false") 1- Start. 2- If system supply service stabile then supply service else call check_process_status 3- end Algorithm 3 check download; Input (current request, download rang, system current statues, time) Output (demand service "true or false") 1- Start 2- If download in rang then demand service else call check_process_status 3- end Algorithm 4 check_process_status; Input (current request, system current statues,time) Output (delete process “true or false" // send request in un stable queue) 1- start 2- delay and check Start new timer If time out then delete (save to un balance queue and decrees demand" time , else if luch process then delete (save to un balance queue and decrees demand" time , download")
5
download")
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
3- end Algorithm 5 queue operate. For special process "service time set to low rang" Input (queue, max. time,system current status) Output (demand service) 1- Start 2- Demand service using slice time (round robin) scheduler algorithm // to improve stability and service all request 3- end 4. Experimental results Running of simulated system with Genetic and slice scheduler feature (in traffic mode) saves the following value from system with fitness, following chart gives sample fragment view, where X axis = 1.48 sequence of IP as total (divide as request 1-13 SAAS 2-18 request IAAS 3-12 request PAAS) and Y axis =1..15 fitness value (threat degree) if fitness value [current IP] = 15-1” (max threat ) then block IP[current], Where current= current I/O value Figure 3 and Table 2 give detail on ( IP address, 32 bit value for IP , service and trusted value). 1SAAS 16 14 12 10 8
Series1
6 4 2 0
17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
6
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
2IAAS 16 14 12 10 8
Series1
6 4 2 0 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1
3PAAS 16 14 12 10 8
Series1
6 4 2 0 12 11 10
9
8
7
6
5
Figure 3(a)
7
4
3
2
1
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
result chart 16 14 12 10 8 6
4 2 0 20
15
10
Series1
5
Series2
0
Series3
Figure 3. (a, b) results chart Table 2 Result table Where S= service IP Adress 180:106:90:174 186:148:123:127 183:164:59:119 174:59:171:130 195:159:92:181 177:98:135:197 182:121:134:53 174:104:110:74 178:61:93:41 187:158:200:67 174:119:210:186 175:109:48:71 182:133:120:73 174:127:90:162 195:95:163:144 178:133:65:239 191:35:122:80 191:77:102:233 187:93:38:78 178:138:203:89 173:88:124:140 174:177:167:103 179:91:167:158 172:34:142:180 175:141:73:147 191:127:233:173
T=trusted value IP address as binary cone 10110100011010100101101010101110 10111010100101000111101101111111 10110111101001000011101101110111 10101110001110111010101110000010 11000011100111110101110010110101 10110001011000101000011111000101 10110110011110011000011000110101 10101110011010000110111001001010 10110010001111010101110100101001 10111011100111101100100001000011 10101110011101111101001010111010 10101111011011010011000001000111 10110110100001010111100001001001 10101110011111110101101010100010 11000011010111111010001110010000 10110010100001010100000111101111 10111111001000110111101001010000 10111111010011010110011011101001 10111011010111010010011001001110 10110010100010101100101101011001 10101101010110000111110010001100 10101110101100011010011101100111 10110011010110111010011110011110 10101100001000101000111010110100 10101111100011010100100110010011 10111111011111111110100110101101
8
S 3 3 2 2 1 1 3 2 3 2 2 1 2 1 1 2 3 2 2 2 2 1 3 2 3 2
T 3 7 1 3 9 7 9 1 3 6 1 2 1 12 15 6 7 11 8 10 1 11 13 5 8 11
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
197:48:42:92 172:39:80:176 176:153:221:100 194:148:192:190 189:156:64:172 191:154:166:67 178:166:198:82 175:79:232:235 178:95:168:81 188:180:80:239 176:50:147:89 184:139:44:52 189:53:190:108 182:146:218:182 185:103:149:96 194:89:56:123 181:161:118:41 182:151:157:126 186:116:98:50 178:110:68:140 173:158:193:175 182:156:95:123 188:168:99:110 188:60:133:210
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
11000101001100000010101001011100 10101100001001110101000010110000 10110000100110011101110101100100 11000010100101001100000010111110 10111101100111000100000010101100 10111111100110101010011001000011 10110010101001101100011001010010 10101111010011111110100011101011 10110010010111111010100001010001 10111100101101000101000011101111 10110000001100101001001101011001 10111000100010110010110000110100 10111101001101011011111001101100 10110110100100101101101010110110 10111001011001111001010101100000 11000010010110010011100001111011 10110101101000010111011000101001 10110110100101111001110101111110 10111010011101000110001000110010 10110010011011100100010010001100 10101101100111101100000110101111 10110110100111000101111101111011 10111100101010000110001101101110 10111100001111001000010111010010
1 1 3 2 1 3 3 2 2 1 1 2 1 2 1 3 3 2 1 3 1 1 3 1
6 6 12 8 11 2 13 2 13 13 4 14 1 11 11 14 9 9 15 11 1 10 9 10
5. Conclusion For present study can conclude the following: 1. Results obtained shaved good indication of the present (test with simulated environment of real world). 2. While traffic increase, attaching attack easier. 3. Any change in fitness and time slice gives the new feature to system (the current fitness, time slice may be better).
References [1] Security and Communication Networks group. Cloud Service Scheduling Algorithm Research and Optimization, SCNG, Article ID 2503153, 2017. [2} David Wagner, Drew Dean. Intrusion detection via static analysis. In Proceedings of the IEEE Symposium on Security and Privacy, 2001. [3] Tim Mather, Subra Kumaraswamy, Shahed Latif. Cloud Security and Privacy. O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472, 2009. [4] T. Muth, J. Peters, J. Blackburn, E. Rapp, L. Martens. Proteocloud: a full-featured open source proteomics cloud computing pipeline. Journal of Proteomics, 2013, 5 I (12). [5] W. Zhao, T. Tao, E. Zio. System reliability prediction by support vector regression with analytic selection and genetic algorithm parameters selection. Applied Soft Computing, 2015, 4 (I):15.
9
IHSCICONF2017 IOP Conf. Series: Journal of Physics: Conf. Series 1003 (2018) 1234567890 ‘’“” 012024
[6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18] [19]
IOP Publishing doi:10.1088/1742-6596/1003/1/012024
Y. M. Wang, H. L. Yin. A two-stage approach based on genetic algorithm for large size flow shop scheduling problem. In Proceedings of the 10th IEEE International Conference on Mechatronics and Automation (IEEE ICMA '13), Takamatsu, Japan, 2013: 376–381. Arpaci-Dusseau, Remzi H.; Arpaci-Dusseau. Operating Systems Three Easy Pieces. ArpaciDusseau Books, Andrea C., 2014. Jump Zander, Ki Won Sung, Ben Slimane. Fundamentals of Mobile Data Networks. Cambridge University Press, ISBN 1107143217, 2016. A. Kaleeswaran, V. Ramasam y, P. Vivekanandan. DYNAMIC SCHEDULING OF DATA USING GENETIC ALGORITHM IN CLOUD COMPUTING. India IUP, 2013. Zai Liji,Uiai Pia. Computer Science and Electronics Engineering. IEEE Conference (Hangzhou, China) 2012:23-25. X. Wang, D. Reeves, S.F. Wu, J. Yuill. Sleepy watermark tracing: anactive network-based intrusion response framework. In Proceedings of the IFIPConference on Security, Paris, 2001. Anil Buntwal Somayaji, Operating System Stability and Security through Process Homeostasis. University of New Mexico, 2002. Stefan Axelsson. Intrusion detection systems: A taxomomy and survey. Dept. of Computer Engineering, Chalmers University of Technology, conf., 2000. Vern Paxson, Randy H. Katz. What’s New about Cloud Computing Security? University of California, 2010. A. Stamos, A. Becherer, N. Wilcox. Cloud computing. Security—raining on the trendy new parade. Black Hat USA, 2009. J. Stokes, T-Mobile, Microsoft. Danger data loss is bad for the cloud, Ars technical, 2009. Bharat Bhargava, YounSun Cho. Cloud Security and Privacy. Computer Science Purdue University, 2014. Jump up, Stallings. Operating Systems Internals and Design Principles Pearson. William Press, 2015. Firas A. Abdulatif, Maan zuhiar. Cloud Security Issues and Challenges: Important Points to Move towards Cloud Storage. IJSR, 2017, 6 (8).
10
