Mitigating Voltage Attacks in Multi-Tenant FPGAs

George Provelengios; Daniel Holcomb; Russell Tessier

doi:10.1145/3451236

Mitigating Voltage Attacks in Multi-Tenant FPGAs

ACM Transactions on Reconfigurable Technology and Systems ◽

10.1145/3451236 ◽

2021 ◽

Vol 14 (2) ◽

pp. 1-24

Author(s):

George Provelengios ◽

Daniel Holcomb ◽

Russell Tessier

Keyword(s):

Cloud Computing ◽

Embedded System ◽

Fault Injection ◽

Denial Of Service ◽

Cloud Services ◽

Design Rule ◽

Clock Signal ◽

Security Issues ◽

Injection Attacks ◽

Logic Resource

Recent research has exposed a number of security issues related to the use of FPGAs in embedded system and cloud computing environments. Circuits that deliberately waste power can be carefully crafted by a malicious cloud FPGA user and deployed to cause denial-of-service and fault injection attacks. The main defense strategy used by FPGA cloud services involves checking user-submitted designs for circuit structures that are known to aggressively consume power. Unfortunately, this approach is limited by an attacker’s ability to conceive new designs that defeat existing checkers. In this work, our contributions are twofold. We evaluate a variety of circuit power wasting techniques that typically are not flagged by design rule checks imposed by FPGA cloud computing vendors. The efficiencies of five power wasting circuits, including our new design, are evaluated in terms of power consumed per logic resource. We then show that the source of voltage attacks based on power wasters can be identified. Our monitoring approach localizes the attack and suppresses the clock signal for the target region within 21 μs, which is fast enough to stop an attack before it causes a board reset. All experiments are performed using a state-of-the-art Intel Stratix 10 FPGA.

Download Full-text

Cloud computing security: a survey

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.21.12439 ◽

2018 ◽

Vol 7 (2.21) ◽

pp. 355

Author(s):

P Sheela Gowr ◽

N Kumar

Keyword(s):

Cloud Computing ◽

Information Flow ◽

Data Encryption ◽

Information Services ◽

Ease Of Use ◽

Cloud Services ◽

Authentication Scheme ◽

Data Confidentiality ◽

Cloud Computing Security ◽

Security Issues

Cloud computing was a hasting expertise which has innovated to a collection of new explores. A sub-ordinate device for Information services, it has an ability towards encourage development by feeding convenient environments for a choice of forms of development is different sequence. Clouds usually consider being eco-friendly, however keep it has open to the diversity of some security issues to can change together the feeder as well as users of these cloud services. In this issue are principally associated to the protection of the information flow throughout also being store in the cloud, with simple problems along with data ease of use, data right to use and data confidentiality. Data encryption and service authentication scheme has been initiated by the industries to deal with them. In this paper analyse and examine different issues on security beside with the different procedure worn by the industries to solve these effects.

Download Full-text

A New Secure Model for Data Protection over Cloud Computing

Computational Intelligence and Neuroscience ◽

10.1155/2021/8113253 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Amr M. Sauber ◽

Passent M. El-Kafrawy ◽

Amr F. Shawish ◽

Mohamed A. Amin ◽

Ismail M. Hagag

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Data Protection ◽

Cloud Services ◽

Security And Privacy ◽

Storage Model ◽

Cloud Data ◽

Security Issues ◽

Data Owner ◽

Proposed Model

The main goal of any data storage model on the cloud is accessing data in an easy way without risking its security. A security consideration is a major aspect in any cloud data storage model to provide safety and efficiency. In this paper, we propose a secure data protection model over the cloud. The proposed model presents a solution to some security issues of cloud such as data protection from any violations and protection from a fake authorized identity user, which adversely affects the security of the cloud. This paper includes multiple issues and challenges with cloud computing that impairs security and privacy of data. It presents the threats and attacks that affect data residing in the cloud. Our proposed model provides the benefits and effectiveness of security in cloud computing such as enhancement of the encryption of data in the cloud. It provides security and scalability of data sharing for users on the cloud computing. Our model achieves the security functions over cloud computing such as identification and authentication, authorization, and encryption. Also, this model protects the system from any fake data owner who enters malicious information that may destroy the main goal of cloud services. We develop the one-time password (OTP) as a logging technique and uploading technique to protect users and data owners from any fake unauthorized access to the cloud. We implement our model using a simulation of the model called Next Generation Secure Cloud Server (NG-Cloud). These results increase the security protection techniques for end user and data owner from fake user and fake data owner in the cloud.

Download Full-text

Navigating a cloud services agreement

Australian Journal of Telecommunications and the Digital Economy ◽

10.18080/jtde.v1n1.218 ◽

2019 ◽

Vol 1 (1) ◽

Author(s):

Advokat Lars Perhard

Keyword(s):

Cloud Computing ◽

New Technology ◽

Informed Decision ◽

Legal Issues ◽

Cloud Services ◽

Security Issues ◽

Need For Information

Cloud Sweden is a story about how a group of experienced IT-people from different sectors of the industry came together and discussed a relatively new phenomenon called the Cloud; or what is today labelled as Cloud computing. And they realised there was a tremendous momentum and potential prosperity connected to it. They also concluded that in order to support potential users and to promote Sweden as an IT-oriented country in the forefront of the development there was a need for information – organisations considering migrating their IT functions to the Cloud should at least be able to make an informed decision. There are significant advantages with this new technology, but also a number of pitfalls that any user should be aware of. There were for example critical security issues at hand before when the servers were placed within the four walls of the office and there still are critical security issues relating to the Cloud. However, the issues to solve are different. Cloud Sweden was founded and the different branches of the group have produced a number of documents published on its website. Cloud Sweden has apart from a number of members working actively in the steering and competence groups several thousand members from the industry in a Linkedin network. In this article you will find a sample of what the legal group of Cloud Sweden has produced – a primer of legal issues that a migrant shall pay attention to before the leap into the Cloud.

Download Full-text

Mobile Cloud Computing

Applications of Security, Mobile, Analytic, and Cloud (SMAC) Technologies for Effective Information Processing and Management - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-4044-1.ch006 ◽

2018 ◽

pp. 105-123

Author(s):

Parkavi R ◽

Priyanka C ◽

Sujitha S. ◽

Sheik Abdullah A

Keyword(s):

Cloud Computing ◽

Mobile Computing ◽

Mobile Devices ◽

Mobile Cloud Computing ◽

Cloud Services ◽

Mobile Cloud ◽

Mobile Service ◽

Service Users ◽

Security Issues ◽

Mobile Computing Environment

Mobile Cloud Computing (MCC) which combines mobile computing and cloud computing, has become one of the industry ring words and a major conversation thread in the IT world with an explosive development of the mobile applications and emerging of cloud computing idea, the MCC has become a possible technology for the mobile service users. The concepts of Cloud computing are naturally meshed with mobile devices to allow on-the-go functionalities and benefits. The mobile cloud computing is emerging as one of the most important branches of cloud computing and it is expected to expand the mobile ecosystems. As more mobile devices enter the market and evolve, certainly security issues will grow as well. Also, enormous growth in the variety of devices connected to the Internet will further drive security needs. MCC provides a platform where mobile users make use of cloud services on mobile devices. The use of MCC minimizes the performance, compatibility, and lack of resources issues in mobile computing environment.

Download Full-text

Multi-Perspectives of Cloud Computing Service Adoption Quality and Risks in Higher Education

Handbook of Research on Modern Educational Technologies, Applications, and Management ◽

10.4018/978-1-7998-3476-2.ch001 ◽

2021 ◽

pp. 1-19

Author(s):

Mohammed Banu Ali

Keyword(s):

Cloud Computing ◽

Cloud Services ◽

Innovative Technology ◽

Sensitive Information ◽

Service Adoption ◽

Cloud Adoption ◽

Convincing Argument ◽

Security Issues ◽

Collaborative Tools ◽

Cloud Computing Service

Universities worldwide are starting to turn to cloud computing. The quality characteristics, which include access to a wider network of computing resources, pay-as-you-go services, self-services, agile services, and resource centralisation provide a convincing argument for HEIs to adopt cloud services. However, the risks leading to non-adoption range from security issues to a lack of cloud vendor support. The findings suggest that security, privacy, and trust are the key determinants to non-adoption as stakeholders felt that the cloud cannot fully guarantee the safeguarding of sensitive information. Key determinants to cloud adoption include improving relationships between students and teachers via collaborative tools and proposing cloud apps for mobile devices for accessing virtual learning materials and email securely off-campus. In conclusion, university stakeholders are still unconvinced about adopting cloud services, but future advances of the cloud may help to steer their decision to adopt this innovative technology given its overwhelming potential.

Download Full-text

Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.a1039.1291s319 ◽

2019 ◽

Vol 9 (1S3) ◽

pp. 200-205

Keyword(s):

Cloud Computing ◽

Adaptive Learning ◽

Denial Of Service ◽

Cloud Services ◽

Detection Accuracy ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Computing Environment ◽

Cloud Computing Environment ◽

Automatic Filtering

Distributed Denial of Service (DDoS) attacks has become the most powerful cyber weapon to target the businesses that operate on the cloud computing environment. The sophisticated DDoS attack affects the functionalities of the cloud services and affects its core capabilities of cloud such as availability and reliability. The current intrusion detection system (IDS) must cope with the dynamicity and intensity of immense traffic at the cloud hosted applications and the security attack must be inspected based on the attack flow characteristics. Hence, the proposed Adaptive Learning and Automatic Filtering of Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environment is designed to adapt with varying kind of protocol attacks using misuse detection. The system is equipped with custom and threshold techniques that satisfies security requirements and can identify the different DDoS security attacks. The proposed system provides promising results in detecting the DDoS attacks in cloud environment with high detection accuracy and good alert reduction. Threshold method provides 98% detection accuracy with 99.91%, 99.92% and 99.94% alert reduction for ICMP, UDP and TCP SYN flood attack. The defense system filters the attack sources at the target virtual instance and protects the cloud applications from DDoS attacks.

Download Full-text

An Analysis of Cloud Computing Security Issues

International Journal of Scientific Research in Science and Technology ◽

10.32628/ijsrst207239 ◽

2016 ◽

pp. 212-217

Author(s):

Baldev Singh

Keyword(s):

Cloud Computing ◽

Cloud Security ◽

Cloud Services ◽

Security Requirements ◽

Hybrid Technique ◽

Independent Manner ◽

Cloud Computing Security ◽

Security Issues ◽

Effective Implementation ◽

The Past

Cloud computing is one of the emerged technologies in the past decade. Tremendous growth is noticed in the usage and implementation of Cloud computing. Although cloud spectrum is widely popular still there are lot of challenges and issues to be addressed for its optimal usage. Vulnerabilities and threats to the cloud services leads to attacks and exploitation of resources as well as data breaches and privacy violations that need to be addressed at the cloud customer satisfaction level. This paper highlights different cloud security issues and their security requirements. The review aspects and findings of the paper can be used as a reference for further appropriate and effective implementation from the suggested practically viable cloud security solution in an independent manner or using as a hybrid technique.

Download Full-text

Shield Advanced Mitigation System of Distributed Denial of Service Attack in Integration of Internet of Things and Cloud Computing Environment

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a4841.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 1300-1306

Keyword(s):

Cloud Computing ◽

Internet Of Things ◽

Denial Of Service ◽

Cloud Services ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Ddos Attack ◽

Service Attack ◽

Verification Process

Cloud services among public and business companies have become popular in recent years. For production activities, many companies rely on cloud technology. Distributed Denial of Services (DDoS) attack is an extremely damaging general and critical type of cloud attacks. Several efforts have been made in recent years to identify numerous types of DDoS attacks. This paper discusses the different types of DDoS attacks and their cloud computing consequences. Distributed Denial of Service attack (DDoS) is a malicious attempt to disrupt the normal movement of a targeted server, service or network through influx of internet traffic overwhelming the target or its infrastructure. The use of multiple affected computer systems as a source of attacks makes DDoS attacks effective. Computers and other networked tools, including IoT phones, may be included on exploited machines. A DDoS attack from a high level resembles a traffic jam that is caused by roads that prevents normal travel at their desired destination. So DDoS Attack is a major challenging problem in integrated Cloud and IoT. Hence, this paper proposes Shield Advanced Mitigation System of Distributed Denial of Service Attack in the integration of Internet of Things and Cloud Computing Environment. This secure architecture use two verification process to identify whether user is legitimate or malicious. Dynamic Captcha Testing with Equal Probability test for first verification process, moreover Zigsaw Image Puzzle Test is used for second verification process, and Intrusion Detection Prevention System is used to identify and prevent malicious user, moreover reverse proxy is used to hide server location. These functional components and flow could strengthen security in Client side network to provide cloud services furthermore to overcome distributed denial of service attack in the integration of Internet of Things and Cloud Environment.

Download Full-text

Use of Cloud Computing In Higher Education of Pakistan

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.b7730.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 3221-3225

Keyword(s):

Cloud Computing ◽

Personal Data ◽

Cost Effective ◽

Cloud Services ◽

Educational Institutions ◽

Social Emotional ◽

Security Issues ◽

External Threats ◽

Technological Facility ◽

Ease Of Access

Cloud computing is an internet-based service of delivering technology to users and an important technological facility where mutual resources are delivered on demand. Usage of cloud computing in educational Institutions provides students as well as administrative staff an opportunity to access various applications and knowledge swiftly. Its simplicity, upfront-cost, reduced downtime and less management effort make this service acceptable for all fragments of society particularly students and teachers. Despite the fact that the cloud computing technology is very useful, such as ease of access, cost effective. It has various issues like security violations, data confidentiality, data integrity, regional and geographical restrictions over the data. Safe cloud services are required to protect its users from different external threats such as disclosure or loss of data and compromising of users’ accounts. Users’ understanding about the cloud computing’s advantages, disadvantages and security issues can protect them from potential threats while ensuring its optimal usage in education. In this paper, a survey has been conducted to identify students understanding about the advantages, disadvantages and security issues regarding cloud computing in the educational sector. A sample of 212 respondents from graduate and undergraduate programs was taken to obtain required information. The findings reveal a lack of awareness about the use of cloud computing, its benefits, and security concerns and the implications of this deficiency are critical as multiple issues like outflow of personal data and its loss is faced by its users which may have adverse social, emotional and professional effects on student’s life. Considering the usefulness as well as the sensitivity of cloud computing in educational institutions, Authors propose maximum utilization of cloud computing in educational sector while ensuring the security of its users.

Download Full-text

AN EFFICIENT APPROACH TO IMPLEMENT FEDERATED CLOUDS

Asian Journal of Pharmaceutical and Clinical Research ◽

10.22159/ajpcr.2017.v10s1.19543 ◽

2017 ◽

Vol 10 (13) ◽

pp. 40

Author(s):

Pappu Sowmya ◽

R Kumar

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Low Cost ◽

Cloud Service ◽

Cloud Services ◽

The Internet ◽

Security Model ◽

Privacy And Security ◽

Security Issues ◽

Internet Users

Cloud computing is one of the trending technologies that provide boundless virtualized resources to the internet users as an important services through the internet, while providing the privacy and security. By using these cloud services, internet users get many parallel computing resources at low cost. It predicted that till 2016, revenues from the online business management spent $4 billion for data storage. Cloud is an open source platform structure, so it is having more chances to malicious attacks. Privacy, confidentiality, and security of stored data are primary security challenges in cloud computing. In cloud computing, ‘virtualization’ is one of the techniques dividing memory into different blocks. In most of the existing systems there is only single authority in the system to provide the encrypted keys. To fill the few security issues, this paper proposed a novel authenticated trust security model for secure virtualization system to encrypt the files. The proposed security model achieves the following functions: 1) allotting the VSM(VM Security Monitor) model for each virtual machine; 2) providing secret keys to encrypt and decrypt information by symmetric encryption.The contribution is a proposed architecture that provides a workable security that a cloud service provider can offer to its consumers. Detailed analysis and architecture design presented to elaborate security model.

Download Full-text