Concordia Institute for Information System Engineering

(CIISE)

INSE 6140
Malware Defenses and Application Security

Submitted By : MSS2020
• Zaid Khan Sherwani (40106126)
Instructor : • Rohith Saravanan (40114635)
Dr. Makan Pourzandi • Hamza Minhas (40107299)

DATA STORAGE SECURITY ON CLOUD COMPUTING

 1 3 categorizing
2 Key terms
Introduction threats

AGENDA 4 criteria
5
classification
6 Best paper

7 Conclusion
Introduction
 Data security ensures the
privacy and confidentiality of
shared data while the storage
security ensures the
correctness of the uploaded
data stored in untrustworthy
cloud servers
Common threats prevalent in IoT
Networks:
 Illegal access networks
 Integrity damage
 DoS attack
 Eavesdropping
 Confidentiality damage
Such exploiting the privacy of
users causes loss of economy and
reputation.
KEY TERMS

Data Storage Security

Cloud Data Owners upload their local
data into the cloud. If some CSPs are
dishonest, they may conceal the data
loss or error from the users for their
own benefit.
Threat - A threat is anything that can
disrupt the operation, an effect that
might damage or compromise an asset if
policies and procedures are not keeping
up.
• Vulnerability - A weakness in some
aspect or feature of a system that makes
an exploit possible.
• Attack - An action undertaken that
utilises
one or more vulnerabilities to realize a
threat.
CATEGORIZING THREATS IN DATA STORAGE SECURITY

Creates
Embeds exploits into lifecycle Account or
Vulnerabilities Data Loss or
Impact : Severe Catastrophic Service
Leakage
Hijacking
Losses,
Discovers Unknown
National Security
Vulnerabilities

Insecure
Denial of
Interfaces and
Exploits via the Internet service
Impact : Financial Fraud, Identity
APIs
Theft

Malicious
DDOS Attack:
Systems and Account Insiders
Exploits Known
Vulnerabilities Exploits
Impact : Denial of
Service, Nuisance

Abuse and Malware and

Nefarious Use Worms
Criteria
selected to CONFIDENTIALITY:   INTEGRITY: AVAILABILITY:
analyze the REFERS TO
PROTECTING
DATA CANNOT BE
MODIFIED IN AN
GUARANTEE OF
RELIABLE ACCESS TO

Papers INFORMATION FROM UNAUTHORIZED OR THE INFORMATION BY

BEING ACCESSED BY UNDETECTED MANNER AUTHORIZED PEOPLE
UNAUTHORIZED
PARTIES. 
 BASED ON ENCRYPTION
PAPER – 1,6,7,12,14,15,16
BASED ON ENCRYPTION & AVAILABILITY
PAPER – 4
CLASSIFYING BASED ON ENCRYPTION & HASHING
PAPER – 3,11,17,19
PAPERS BASED ON OBFUSCATION & STEGNOGRAPHY

BASED ON
PAPER – 18
BASED ON HASHING & AVAILABILITY

CLASSES PAPER – 8,9,10

BASED ON ENCRYPTION & SIGNATURE
PAPER – 5
BASED ON ENCRYPTION & AVAILABILITY & HASHING
PAPER – 13
 CLASSIFICATION & COMPARISON
Paper No Scope Techniques Classes Confidentiality Integrity Availability

The scope of this paper is to provide the data confidentiality so that any unauthorized
1 person cannot gain the access to sensitive data of the users in the cloud Asymmetric and Symmetric Encryption Encryption Yes No No

The scope of this paper is to provide the security and privacy protection of user data
by means of multilevel encryption through which user get confidentiality of their
2 data Block Ciphers with AES Encryption Yes No No

The scope of this paper is to keep the user data safe from breaches, theft and
reliability and also provide data integrity and confidentiality of the data at the same
3 time Sec-Cloud(Merkle Hash Tree,Diffie Hellman Algorithm) Hashing /Encryption Yes Yes No

The Scope of this paper is to provide the users to store data and retrieve their data
anytime and anywhere and provide the high level of availability and integrity to
4 their data Proxy Server Encryption/ Failover Protection Yes No Yes

The scope of this paper is to provide the data confidentiality and data integrity
so the data cannot be modified in transit as well as any unauthorized person
5 cannot gain access to data Homomorphic Encryption/Index Building/HMAC Encryption/HMAC /Signature Yes Yes No

Provide a fair non-repudiation cloud storage facility and the capability of preventing
6 roll back attacks on the cloud storage architecture Multi-Party Non-Repudiation Protocol Encryption Yes No No

7 To enchance data confidentiality and sharing of data between different cloud users Identity Based Cryptography Encryption Yes No No

Explicit construction of exact regenerating code with cryptography algorithm are used
8 to ensure the availability, Confidentiality and integrity of the data Explicit Exact Minimal Storage Regenerating Code (EEMSR) Hashing/Failover /Encryption Yes Yes Yes

Detect any unauthorized data modification and corruption due to server compromise Homomorphic token with distributed verification of erasure-coded
9 and finding the particular server the data error lies in data Hashing/Failover Protection No Yes Yes

Data does not cover the entire data while verifying the cloud servers for data storage
10 correctness i.e. some data corruptions may be missing. Token precomputation using Sobol Sequence Hashing/Failover Protection No Yes Yes
 Cloud storage contributors are in charge for monitoring the data which is available
11 and accessible on the cloud, and the physical environment protected and running Certificateless Public Auditing Hashing /Encryption Yes Yes No

The Scope of this paper is to provide the trusted computing environment that ensures the
confidentiality and the privacy of data so that so that no one can access data other than authorized
12 users ECC Encryption Algorithm Encryption Yes No No

The scope of this paper is to ensure the confidentiality of users data so that data cannot be accessed
13 by unauthorized user Data Obfuscation & Steganography Obfuscation & Steganography Yes No No

The scope of this paper is to have the efficient cloud storage confidentiality by using two different
14 encryption techniques Obfuscation Algorithm and Encryption Encryption Yes No No

The Scope of this paper is that the users can share their data securely in a cloud environment it uses
15 the desktop application model through which users can get confidentiality to their data Encryption,Compression & Splitting Technique Encryption Yes No No

The paper uses the strong encryption and authentication mechanisim for maintaining the
confidentiality and integrity of data and it also the main scope of this paper to ensure the
16 confidentiality and integrity of users data Token mechanism Encyption Algorithm Encryption Yes No No

The Scope of this paper is to provide the confidentiality and integrity of data by using file sharing
17 technique File sharing Mechanism with disintegration protocol (DIP) Encyption/Hashing Yes Yes No

18   Generalized Policies and standards N/A N/A N/A N/A

The Scope of this paper is to gurantee the correctness of user data in the cloud so that user can
19 achieve both confidentiality and Integrity Two handshake scheme based on token management Encryption/Hashing Yes Yes No

The scope of this paper is to make the comparison of different papers in the field of data storage
20 security of cloud computing and analyze them which papers is achieving confidentiality and integrity comparison table / examined each category of work in detail Encryption/Hashing Yes Yes No
Ensuring Confidentiality in
Cloud Computing
Enhanced Data Storage Security in Cloud
Environment using Encryption, Compression and
Splitting technique
Pros: i)Minimized the data upload and download time
on cloud storage
ii)Desktop application in which the encryption,
compression techniques are applied which allows
sharing of data in a reliable way.
Cons: i)Data intrusion as multiple users can access
the application
Efficient Cloud Storage Confidentiality to Ensure
Data Security
Pros: i)Integration of both encryption and
obfuscation to provide maximum security.
Cons: i) Vulnerable to brute force and reverse
engineering attacks.
Ensuring Integrity in Cloud
Computing
A framework for Data Security and
Storage in Cloud Computing
Pros: HMAC, Index Building and
Encryption provides greater security
during transmission and storage of data..
Cons: i) It has memory limitations
A Study on Data Storage security issues
in cloud computing
Pros: Secure Cloud
Cons: Data loss or manipulation of data
Ensuring Availability in Cloud
Computing
Ensuring Data Storage Security in Cloud
Computing using Sobol Sequence
Pros i)Enhanced security to user’s data in
cloud computing against Byzantine
failure, unauthorised data modification ii)
Simultaneously identifies misbehaving
Cons: i) Detection probability against
data detection
On Security of Data Storage in Cloud
Computing Via Exact Regenerating Code
Pros: i) Regenerating code that can
regenerate back a lost block of data with
less repair traffic
ii) The hash function used with EMSR is to
achieve integrity of the data through
challenge response protocol.
Cons: i) Key generation for all the files
used by the user
WHY WE SELECT THIS PAPER ?
Problem :
 As the cloud is unreliable so this data storage service introduces security challenges, such as
Confidentiality, Integrity, Availability and Reliability of data.
 This problem can be overcome by a broad analysis of features at each level .
 This is well explained in the paper – “On Security of Data Storage in Cloud Computing via Exact
Regenerating Code .”

Proposed work :
To ensure integrity and availability of data stored in cloud, a new method has been approached which is
based on EMSR (Exact Minimal Storage Regeneration) code and Hash Function. This approach has four
phases:
 Setup Phase
 Integrity Verification Phase
 Reconstruction:
 Regeneration:
PROS:
 Performance of our proposed method with prior methods and performance
analysis showed that our approach took lesser running time.
 The storage service of the cloud is more secure by ensuring Integrity along
with Availability of the data stored in cloud with less running time overhead.

CONS:
 Consumes more amount of resources .
 Security Structure -
 Lack of a single standardized solution.
 No provision of a defense in depth for the
system.
Technological Advancement –
 New technologies needed for data storage
security to verify integrity and
CONCLUSION authentication mechanisms.
 Acceptable solutions for limited cost and
budget.
Privacy of data –
 Restricting the amount of user data.
 Removing any direct relation between the
data and the user whose data is being
shared.
APPENDIX:
1)M. Derfouf, A. Mimouni and M. Eleuldj, "Vulnerabilities and storage security in cloud computing," 2015 International
Conference on Cloud Technologies and Applications (CloudTech), Marrakech, 2015, pp. 1-5.doi:
10.1109/CloudTech.2015.7337002

2)J. Miao, A. Bao, Y. Niu, Z. Liu and H. Mao, "A secure private cloud storage system based on virtual isolation
mechanism," 2016 IEEE International Conference on Big Data Analysis (ICBDA), Hangzhou, 2016, pp. 1-5.doi:
10.1109/ICBDA.2016.7509831

3)Bhandari, A. Gupta and D. Das, "A framework for data security and storage in Cloud Computing," 2016 International
Conference on Computational Techniques in Information and Communication Technologies (ICCTICT), New Delhi, 2016,
pp. 1-7.doi: 10.1109/ICCTICT.2016.7514542

4)M. K. Sarkar and S. Kumar, "A framework to ensure data storage security in cloud computing," 2016 IEEE 7 th Annual
Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, 2016, pp. 1-4. doi:
10.1109/UEMCON.2016.7777827

5)S. Liu, C. Zhang and L. Bo, "Improve security and availability for cloud storage," 2016 4th International Conference on
Cloud Computing and Intelligence Systems (CCIS), Beijing, 2016, pp. 382-387.doi: 10.1109/CCIS.2016.7790288

6)R. Swathi and T. Subha, "Enhancing data storage security in Cloud using Certificateless public auditing," 2017 2nd
International Conference on Computing and Communications Technologies (ICCCT), Chennai, 2017, pp. 348-352.doi:
10.1109/ICCCT2.2017.7972299

7)Zhe, Diao & Qinghong, Wang & Naizheng, Su & Yuhan, Zhang. (2017). Study on Data Security Policy Based on Cloud
Storage. 145-149. 10.1109/BigDataSecurity.2017.12

8)B. F. Mary and D. I. G. Amalarethinam, "Data Security Enhancement in Public Cloud Storage Using Data Obfuscation and
Steganography," 2017 World Congress on Computing and Communication Technologies (WCCCT), Tiruchirappalli, 2017, pp.
181-184. doi: 10.1109/WCCCT.2016.52

9)B. S. Rawal and S. S. Vivek, "Secure Cloud Storage and File Sharing," 2017 IEEE International Conference on Smart Cloud
(SmartCloud), New York, NY, 2017, pp. 78-83.doi: 10.1109/SmartCloud.2017.19

10)H. Guesmi and L. A. Saïdane, "Improved Data Storage Confidentiality in Cloud Computing Using Identity- Based
Cryptography," 2017 25th International Conference on Systems Engineering (ICSEng), Las Vegas, NV, 2017, pp. 324-330.
doi: 10.1109/ICSEng.2017.32
11)Cong Wang, Qian Wang, Kui Ren and Wenjing Lou, "Ensuring data storage security in Cloud Computing,“ 2009 17th
International Workshop on Quality of Service, Charleston, SC, 2009, pp. 1-9.doi: 10.1109/IWQoS.2009.5201385

12)M. R. Tribhuwan, V. A. Bhuyar and S. Pirzade, "Ensuring Data Storage Security in Cloud Computing through Two-Way
Handshake Based on Token Management," 2010 International Conference on Advances in Recent Technologies in
Communication and Computing, Kottayam, 2010, pp. 386-389.doi: 10.1109/ARTCom.2010.23

13)P. S. Kumar, R. Subramanian and D. T. Selvam, "Ensuring data storage security in cloud computing using Sobol
Sequence," 2010 First International Conference On Parallel, Distributed and Grid Computing (PDGC 2010), Solan, 2010,
pp. 217-222.doi: 10.1109/PDGC.2010.5679900

14)J. Feng, Y. Chen, D. Summerville, W. Ku and Z. Su, "Enhancing cloud storage security against roll-back attacks with a
new fair multi-party non-repudiation protocol," 2011 IEEE Consumer Communications and Networking Conference (CCNC),
Las Vegas, NV, 2011, pp. 521-522.doi: 10.1109/CCNC.2011.5766528

15)A. Kumar, B. G. Lee, H. Lee and A. Kumari, "Secure storage and access of data in cloud computing," 2012 International
Conference on ICT Convergence (ICTC), Jeju Island, 2012, pp. 336-339.doi: 10.1109/ICTC.2012.6386854

16)L. Arockiam and S. Monikandan, "Efficient cloud storage confidentiality to ensure data security," 2014 International
Conference on Computer Communication and Informatics, Coimbatore, 2014, pp. 1-5.doi: 10.1109/ICCCI.2014.6921762

17)R. K. Banyal, V. K. Jain and P. Jain, "Data Management System to Improve Security and Availability in Cloud Storage,"
2015 International Conference on Computational Intelligence and Networks, Bhubaneshwar, 2015, pp. 124-129.doi:
10.1109/CINE.2015.32

18)K. Rani and R. K. Sagar, "Enhanced data storage security in cloud environment using encryption, compression and
splitting technique," 2017 2nd International Conference on Telecommunication and Networks (TEL-NET), Noida, 2017, pp.
1-5. doi: 10.1109/TEL-NET.2017.8343557

19)S. Rajeswari and R. Kalaiselvi, "Survey of data and storage security in cloud computing," 2017 IEEE International
Conference on Circuits and Systems (ICCS), Thiruvananthapuram, 2017, pp. 76-81.doi: 10.1109/ICCS1.2017.8325966

20)A. R. Malviya and P. S. Kumar, "On security of data storage in cloud computing via exact regenerating code,“
International Conference on Computing, Communication & Automation, Noida, 2015, pp. 577-583.doi:
10.1109/CCAA.2015.7148474
ANY QUESTIONS??

THANKYOU!!!