Cost-Performance Trade-Offs in Fog Computing for IoT Data Processing of Social Virtual Reality

Wang, Songjie; Valluripally, Samaikya; Mitra, R.; Nuguri, Sai Shreya; Calyam, Prasad

doi:10.1109/icfc.2019.00025

Cited by 6 publications

(4 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…With the dynamic user-system interactions for content rendering, VRLEs are a target for an attacker to trigger security attacks [5], [7]. In addition, the work in [8] details about the performance issues that can disrupt the social VRLE user experience. However, prior works lack in the knowledge to address both performance and security issues that can impact the user experience and user safety in VRLE sessions.…”

Section: Need For Active Defense In Cloud-hosted Videobased Applicationsmentioning

confidence: 99%

“…Prior works [5,7,8] addressed performance and security issues in social VRLE applications. The work in [5] described potential security, privacy and safety issues that can trigger disruption in the VRLE application functionality.…”

Section: Factors Impacting Vrle Applicationsmentioning

confidence: 99%

“…In addition, the work in [7] also detailed vulnerable components in VRLE that can lead to sophisticated cyber-attacks such as Loss of Integrity and privacy leakage. Authors in [8] model performance issues via a 3Q-model to determine the causes of disruption of VRLE user experience.…”

Section: Factors Impacting Vrle Applicationsmentioning

confidence: 99%

“…The mean response time (RT q ) to process an anomaly event in the queue can be obtained by using the Little's formula [8].…”

Section: Priority-based Queuing Modelmentioning

confidence: 99%

See 3 more Smart Citations

Securing cloud-hosted applications using active defense with rule-based adaptations

Akashe¹

View full text Add to dashboard Cite

Security cloud-based applications is a dynamic problem since modern attacks are always evolving in their sophistication and disruption impact. Active defense is a state-of-the-art paradigm where proactive or reactive cybersecurity strategies are used to augment passive defense policies (e.g., firewalls). It involves using knowledge of the adversary to create of dynamic policy measures to secure resources and outsmart adversaries to make cyber-attacks difficult to execute. Using intelligent threat detection systems based on machine learning and active defense solutions implemented via cloud resource adaptations, we can slowdown attacks and derail attackers at an early stage so that they cannot proceed with their plots, while also increasing the probability that they will expose their presence or reveal their attack vectors. In this MS Thesis, we demonstrate the concept and benefits of active defense in securing cloud-based applications through rule-based adaptations on distributed resources. Specifically, we propose two novel active defense strategies to mitigate impact of security anomaly events within: (a) social virtual reality learning environment (VRLE), and (b) healthcare data sharing environment (HDSE). Our first strategy involves a "rule-based 3QS-adaptation framework" that performs risk and cost aware trade-off analysis to control cybersickness due to performance/security anomaly events during a VRLE session. VRLEs provide immersive experience to users with increased accessibility to remote learning, thus a breach of security in critical VRLE application domains (e.g., healthcare, military training, manufacturing) can disrupt functionality and induce cybersickness. Our framework implementation in a real-world social VRLE viz., vSocial monitors performance/security anomaly events in network data. In the event of an anomaly, the framework features rule-based adaptations that are triggered by using various decision metrics. Based on our experimental results, we demonstrate the effectiveness of our rulebased 3QS-adaptation framework in reducing cybersickness levels, while maintaining application functionality. Our second strategy involves a "defense by pretense methodology" that uses real-time attack detection and creates cyber deception for HDSE applications. Healthcare data consumers (e.g., clinicians and researchers) require access to massive, protected datasets, thus loss of assurance/auditability of critical data such as Electronic Health Records (EHR) can severely impact loss of privacy of patient's data and the reputation of the healthcare organizations. Our cyber deception utilizes elastic capacity provisioning via use of rule-based adaptation to provision Quarantine Virtual Machines (QVMs) that handle redirected attacker's traffic and increase threat intelligence collection. We evaluate our defense by pretense design by creating an experimental Amazon Web Services (AWS) testbed hosting a real-world OHDSI setup for protected health data analytics/sharing with electronic health record data (SynPUF) and publications data (CORD-19) related to COVID-19. Our experiment results show how we can successfully detect targeted attacks such as e.g., DDoS and create redirection of attack sources to QVMs.

show abstract

Section: Need For Active Defense In Cloud-hosted Videobased Applicationsmentioning

confidence: 99%