64
CHAPTER - 4
DYNAMIC SESSION BASED ENFORCEMENT OF ENCRYPTION
STANDARDS FOR INTRUSION DETECTION IN CLOUD ENVIRONMENT
4.1 INTRODUCTION
In dynamic session based encryption for the cloud, data is encrypted before it is moved to the cloud. Cloud service providers typically offer encryption services: keys are issued for a limited scope of encryption, an encrypted connection is provided, and data is decrypted with the keys as needed.
The attack can be carried out in various ways, such as opening countless connections or sending a large amount of data. Alternatively, the malicious user can follow the service sequence up to the last stage by sending correct data and then simply abandon the service sequence at the last stage. Because of this, service performance and throughput decrease, which degrades the whole service. To deal with this issue, a different key based approach is needed for intrusion detection in the SaaS architecture. This work moves towards designing such an approach.
In general, an intrusion can be detected using several measures. In a service oriented architecture, the provider offers different services which can be accessed by different users of the environment. The service provider has a specific limit on the number of connections it can provide and on the number of requests it can handle. Similarly, the provider is capable of handling only a limited amount of data. In such a condition, the malicious user acquires or reserves numerous connections and keeps them idle without using any data. Alternatively, it can post a lot of data to the service, which affects the capacity of the service provider. In both cases, the malicious user intends to degrade the service. By detecting this, the service provider denies further service to the user.
Malicious service access can be identified, and there are cryptographic techniques available for this, each using different features. Host-based techniques maintain a list of the hosts that were identified as malicious earlier. Based on the history available, the technique identifies the malicious request and denies it. The problem with this approach is that previously unidentified malicious hosts cannot be stopped. Additionally, certain nodes use multiple identities, which compromises the detection scheme.
There are a few strategies which use the flow requirements of the source node. Each node would put a specific amount of data while accessing the service, and by maintaining such data the strategy identifies the malicious node. Some other strategies use the frequency of service access as the main factor. However, all of these techniques struggle to achieve good performance in intrusion detection.
4.2 PROBLEM DEFINITION
For intrusion detection, different strategies have been identified. The issue of service mitigation in the cloud environment has been examined in different techniques.
The strategy on OpenStack with Jenkins confirmed its feasibility by collecting software from a software repository, grouping it into working groups, and choosing the test cases that reside in each group in a two-level abstraction (Yoji Yamato, 2015). It surveys the effectiveness of test case creation efforts for service accuracy; additionally, it performs automated verification of environment replication executions.
Nikolaos Pitropakis et al. (2014) have described a technique for identifying co-residency and system-targeting attacks in the kernel, for Kernel-Based Virtual Machine (KVM) based cloud environments. The results verify the adequacy of the approach in a KVM-based cloud environment, and an implementation of the Smith-Waterman genetic algorithm is completed.
The level of confidentiality and integrity of the stored data in a design-level security mechanism is discussed by Sultan Ullah and Zheng Xuefeng (2014). This strategy limits access to data by an unauthorized user, with the user data stored in encrypted form. Xiaodong Sun et al. (2011) deal with cloud security using fuzzy set theory. This strategy creates a trust chain for the authorized user, and the chain is checked to ensure cloud security. The scheme to support public verifiability is discussed, and the third party would not obtain any sensitive data.
To improve data storage security, a TPA based security system was analyzed to protect user data from suspicious users; the authors proposed the strategy called Merkle Hash Tree based Encryption Technique (Qian Wang et al. 2009).
A verifiable security mechanism that provides data auditing capability with an efficient time-complexity approach to meet market requirements, called Private, is discussed by Cong Wang et al. (2010).
To perform intrusion detection in an efficient way, a more essential approach to mitigation is needed; all the above strategies examined different issues in recognizing malicious threats.
4.3 MATERIALS AND METHODS
The proposed dynamic session based service oriented one step elliptic curve cryptography is focused on providing efficient security measures to organizations. The proposed model has the following functional components: session based key generation, one step verification, and intrusion detection. Each of them is discussed in detail in this section.
Figure 4.1 Work flow diagram (Dynamic Session Based Service Oriented One Step Elliptic Curve Cryptography: Nodes Creation, Session Based Key Generation, One Step Verification, Intrusion Detection, with a Storage area)
4.3.1 Session Based Key Generation
The key generator generates a public and a private key for each user registered on the cloud. The public key is a randomly chosen one, and the private key is composed of four parameters: group ID, service ID, user ID and session ID. The computed public and private keys are sent to the user. In addition, the system creates elliptic curve parameters, which the user will use. At each session, the system creates an individual key and elliptic curve parameters and sends them to the user.
Algorithm:
Input: User Id UID, Group ID (GID), Cloud ID (CID), Service Id (SID), Session ID (SEID), ID-Identification
Output: Public Key pk, Private Key Prk.
Initialize public key set Pkset = ∑
While (true)
    Receive user request.
    Generate public key pk = Rand(Pkset)
    Generate private key Prk = {CID, GID, SID, UID, SEID}.
    Initialize elliptic curve parameters ECpr = {Points, values}
    Send to the user.
    Wait for next session.
End.
The above algorithm generates a key for each session together with elliptic curve parameters, and distributes them to the registered users of the cloud.
4.3.2 User Behavior Analysis
User behavior analysis is done whenever a service request arrives. First, all the service accesses performed by the user at each session are collected. Then the malicious request rate is calculated at each session; if it is less than the frequency limit, the request is concluded to be genuine, otherwise it is treated as malicious and a trace is created for the malicious record.
Algorithm:
Input: Service History Sh, Service Request SR
Output: Current Access Rate (CAR), Average Access Rate (AAR).
Identify service requested Sr = SR.ServiceID.
For each time window
    Collect all the records generated for the service.
    Service trace St = ∑ .
    Compute Service Access Rate (SAR)
    ∑
    SAR =
    .
    T - Number of time windows
End
∑
Compute average access rate AAR = 100
Compute access rate at current time window CAR.
CAR =
.
Return CAR, AAR.
Stop
4.3.3 One Step Verification
One step verification is done whenever a service request arrives. In this step the controller selects a point from the elliptic curve and sends it to the user, asking the user to respond to this challenge. The user's response is encrypted in full, and it must be received and interpreted by the controller. The controller verifies everything the user sent and then decides whether the user is trustworthy.
Algorithm:
Input: Service Request Sr
Output: Boolean
Start
    Receive request Sr.
    Read the elliptic curve parameters EP.
    Choose a random point from the curve Rp =
    Send Rp to the user.
    Receive value from the user.
    If Ep(Rp) == UserInteger then
        Return true
    Else
        Return false
    End
Stop.
4.4 INTRUSION DETECTION
When the controller receives a request, it checks the service request details and performs intrusion detection. If the identity of the user or the service parameters do not match the service signature, it performs one step verification. If one step verification fails, the request is classified as malicious; otherwise the user is subjected to user behavior analysis. From the behavior analysis, the system computes a legitimate weight and classifies the request as malicious or genuine based on this weight.
Algorithm:
Input: Service Request Sr, Public key Set Pks, Private key Set Prks.
Output: Boolean
Start
    Receive Service Request Sr.
    Verify public and private keys of user.
    Identify the user UID = Sr.UID.
    Verify the key details.
    if Pk.UID == Pks(UID).Pk && Prks.UID == Pk.UID && Prks.GID == Pk.GID && Prks.CID == Pk.CID then
        Boolean bool = Perform One Step Verification.
        if bool == true then
            Genuine packet.
            Return true.
        else
            Generate trace and classify malicious.
        end
    else
        Boolean bl = Perform One Step Verification.
        if bl == true then
            Behavior Analysis (BA) = perform user behavior analysis.
            Compute legitimate weight Lw = BA.CAR × BA.AAR
            if Lw > Th then
                Classify genuine packet.
                Add to trace.
            else
                Classify malicious packet.
                Add to trace.
            end
        else
            Classify malicious packet.
            Add to trace.
        end
    end
Stop
The above algorithm performs intrusion detection in the cloud environment using the other functional components of the proposed approach.
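As an added example (not part of the thesis), the decision flow of Sections 4.3.2 to 4.4 is written out in Python over constructed requests. The outcome of the one step verification is taken as a given flag, the SAR/AAR/CAR formulas (garbled on the page) and the threshold Th are assumptions, and the comparison Lw > Th is applied in the direction the pseudocode states.

```python
from dataclasses import dataclass
from statistics import mean

TH = 0.5  # assumed threshold Th on the legitimate weight Lw (value not given in the chapter)

@dataclass(frozen=True)
class Key:
    """Identity fields carried by the private key (Section 4.3.1)."""
    uid: str
    gid: str
    cid: str

@dataclass
class Request:
    key: Key            # identity fields presented with the request
    one_step_ok: bool   # outcome of the elliptic-curve challenge (Section 4.3.3), assumed given
    history: list       # constructed: accesses per time window, last entry = current window

def behavior_analysis(history, capacity):
    """Section 4.3.2 with assumed formulas: SAR_t = accesses in window t / capacity,
    AAR = mean of SAR_t over all windows, CAR = SAR of the current (last) window."""
    sar = [count / capacity for count in history]
    return sar[-1], mean(sar)  # (CAR, AAR)

def detect(req, registered, trace, capacity=10):
    """Section 4.4 decision flow; returns True for genuine, False for malicious,
    and records each verdict in `trace` as the page's algorithm does."""
    reg = registered.get(req.key.uid)
    keys_match = reg is not None and reg == req.key  # UID, GID and CID all agree
    if keys_match:
        verdict = req.one_step_ok          # known key: the one-step check alone decides
    elif req.one_step_ok:
        car, aar = behavior_analysis(req.history, capacity)
        verdict = car * aar > TH           # Lw = CAR x AAR > Th, direction as in the chapter
    else:
        verdict = False                    # unknown key and failed challenge
    trace.append((req.key.uid, "genuine" if verdict else "malicious"))
    return verdict

REGISTERED = {"u1": Key("u1", "g1", "c1")}  # constructed key registry
TRACE = []

def demo():
    # four constructed requests covering every branch of detect()
    known_ok = Request(Key("u1", "g1", "c1"), True, [3, 4, 5])
    known_failed = Request(Key("u1", "g1", "c1"), False, [3, 4, 5])
    unknown_active = Request(Key("u9", "g1", "c1"), True, [8, 9, 9])  # Lw = 0.9 * 0.867
    unknown_quiet = Request(Key("u9", "g1", "c1"), True, [1, 1, 1])   # Lw = 0.01
    return [detect(r, REGISTERED, TRACE) for r in (known_ok, known_failed, unknown_active, unknown_quiet)]
```

A registered UID presented with a mismatched GID or CID falls into the same branch as an unknown key, exactly as the page's outer else does.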
4.5 SIMULATED RESULTS
The data collection is simulated using the network simulator NS2. Figure 4.2 shows the initial network setup in the network simulator with 30 nodes.
Figure 4.2 Initial network setup
Figure 4.3 Source data discovery
Figure 4.4 Data availability Estimation based Intrusion detection
Figure 4.5 Packet transmission
Figure 4.3 shows the snapshot of the source data discovery setup at runtime, and the data availability estimation is shown in Figure 4.4. The packet transfer is shown in Figure 4.5.
4.6 SUMMARY
Intrusion detection in the cloud environment is improved with a dynamic session based verification approach built on elliptic curve cryptography. The controller creates two different keys, the public key and the private key. The public key is generated for the cloud, while each user's private key carries unique data: a user ID, session ID, cloud ID, group ID and service ID. The generated keys are distributed to the users together with the elliptic curve parameters.