11-02-2013, 03:54 PM
Eucalyptus Dataset Forensics Using Hadoop Map-Reduce
[attachment=50535]
Abstract
We propose a Eucalyptus dataset forensics Using Hadoop Map-Reduce that can detect attacks on the cloud and analyze it using the logging tools such as www.loggly.com, Syslog and Snort. Whenever the attack performs repeatedly the next sequenced attack is blocked by this dataset. So the dataset can be periodically improved to diagnose and cure the data affected by attack. It is also useful for offline for digital forensics purposes. The Hadoop Map Reduce is helpful in detecting the distributed logs and distributed pattern-based searching and document clustering irrespective of place and format of logs.
The Eucalyptus dataset consists of various attacks information and virtual machines running them. A host machine and one guest, windows XP or Ubuntu, is prepared to attack on Eucalyptus VM instances. After the attack is performed the log generated are stored in various locations and various formats. Hadoop is used to Map the logs and Reduce them in one format and location to elucidate the result.
Introduction
Private Cloud Computing [6][8]
Private cloud (also called internal cloud or corporate cloud) is a marketing term for a proprietary computing architecture that provides hosted services to a limited number of people behind a firewall. Advances in virtualization and distributed computing have allowed corporate network and datacenter administrators to effectively become service providers that meet the needs of their "customers" within the corporation.
Framework
Mule Framework
Mule ESB Community is a lightweight Java-based enterprise service bus (ESB) and integration platform that allows developers to connect applications together quickly and easily, enabling them to exchange data. Mule ESB enables easy integration of existing systems, regardless of the different technologies that the applications use, including JMS, Web Services, JDBC, HTTP, and more. The key advantage of an ESB is that it allows different applications to communicate with each other by acting as a transit system for carrying data between applications within your enterprise or across the Internet.
Conclusion & Future enhancements
On demand resource utilizatiion and utility computing has formed strong base of Cloud computing. But considering the downlside that it has affected by unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. The proposed model tries to enhance forensic investigation by packet analyzing as well as log tracing use of Hadoop for large as well as unclustered data. The other aspect is that user can analyze the attack pattern and obtains prevention from the logs generated and gathered.
[attachment=50535]
Abstract
We propose a Eucalyptus dataset forensics Using Hadoop Map-Reduce that can detect attacks on the cloud and analyze it using the logging tools such as www.loggly.com, Syslog and Snort. Whenever the attack performs repeatedly the next sequenced attack is blocked by this dataset. So the dataset can be periodically improved to diagnose and cure the data affected by attack. It is also useful for offline for digital forensics purposes. The Hadoop Map Reduce is helpful in detecting the distributed logs and distributed pattern-based searching and document clustering irrespective of place and format of logs.
The Eucalyptus dataset consists of various attacks information and virtual machines running them. A host machine and one guest, windows XP or Ubuntu, is prepared to attack on Eucalyptus VM instances. After the attack is performed the log generated are stored in various locations and various formats. Hadoop is used to Map the logs and Reduce them in one format and location to elucidate the result.
Introduction
Private Cloud Computing [6][8]
Private cloud (also called internal cloud or corporate cloud) is a marketing term for a proprietary computing architecture that provides hosted services to a limited number of people behind a firewall. Advances in virtualization and distributed computing have allowed corporate network and datacenter administrators to effectively become service providers that meet the needs of their "customers" within the corporation.
Framework
Mule Framework
Mule ESB Community is a lightweight Java-based enterprise service bus (ESB) and integration platform that allows developers to connect applications together quickly and easily, enabling them to exchange data. Mule ESB enables easy integration of existing systems, regardless of the different technologies that the applications use, including JMS, Web Services, JDBC, HTTP, and more. The key advantage of an ESB is that it allows different applications to communicate with each other by acting as a transit system for carrying data between applications within your enterprise or across the Internet.
Conclusion & Future enhancements
On demand resource utilizatiion and utility computing has formed strong base of Cloud computing. But considering the downlside that it has affected by unique information confidentiality, integrity and availability risks as well due its inherent design paradigm. The proposed model tries to enhance forensic investigation by packet analyzing as well as log tracing use of Hadoop for large as well as unclustered data. The other aspect is that user can analyze the attack pattern and obtains prevention from the logs generated and gathered.