• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>IEEE Transactions on Parallel and Distributed Systems >Securing Coding-Based Cloud Storage Against Pollution Attacks
【24h】

Securing Coding-Based Cloud Storage Against Pollution Attacks

机译:保护基于编码的云存储免受污染攻击

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The widespread diffusion of distributed and cloud storage solutions has changed dramatically the way users, system designers, and service providers manage their data. Outsourcing data on remote storage provides indeed many advantages in terms of both capital and operational costs. The security of data outsourced to the cloud, however, still represents one of the major concerns for all stakeholders. Pollution attacks, whereby a set of malicious entities attempt to corrupt stored data, are one of the many risks that affect cloud data security. In this paper we deal with pollution attacks in coding-based block-level cloud storage systems, i.e., systems that use linear codes to fragment, encode, and disperse virtual disk sectors across a set of storage nodes to achieve desired levels of redundancy, and to improve reliability and availability without sacrificing performance. Unfortunately, the effects of a pollution attack on linear coding can be disastrous, since a single polluted fragment can propagate pervasively in the decoding phase, thus hampering the whole sector. In this work we show that, using rateless codes, we can design an early pollution detection algorithm able to spot the presence of an attack while fetching the data from cloud storage during the normal disk reading operations. The alarm triggers a procedure that locates the polluting nodes using the proposed detection mechanism along with statistical inference. The performance of the proposed solution is analyzed under several aspects using both analytical modelling and accurate simulation using real disk traces. Our results show that the proposed approach is very robust and is able to effectively isolate the polluters, even in harsh conditions, provided that enough data redundancy is used.
机译:分布式和云存储解决方案的广泛传播已经极大地改变了用户,系统设计人员和服务提供商管理数据的方式。在远程存储上外包数据的确在资金和运营成本方面提供了很多优势。但是,外包给云的数据的安全性仍然是所有利益相关者关注的主要问题之一。污染攻击(一组恶意实体试图破坏存储的数据)是影响云数据安全的众多风险之一。在本文中,我们处理基于编码的块级云存储系统中的污染攻击,即使用线性代码对一组存储节点上的虚拟磁盘扇区进行分段,编码和分散的系统,以实现所需的冗余级别;以及在不牺牲性能的情况下提高可靠性和可用性。不幸的是,污染攻击对线性编码的影响可能是灾难性的,因为单个污染的片段会在解码阶段普遍传播,从而阻碍了整个行业。在这项工作中,我们表明,使用无速率代码,我们可以设计一种早期污染检测算法,该算法能够在正常磁盘读取操作期间从云存储中提取数据时发现攻击的存在。警报触发一个过程,该过程使用建议的检测机制以及统计推断来定位污染节点。使用解析模型和使用真实磁盘迹线的精确模拟在几个方面分析了所提出解决方案的性能。我们的结果表明,如果使用了足够的数据冗余性,那么即使在恶劣的条件下,所提出的方法也非常健壮,并且能够有效隔离污染源。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号