IJSRD - International Journal for Scientific Research & Development| Vol.

3, Issue 10, 2015 | ISSN (online): 2321-0613

Fog Computing: the Justifying Insider Data Stealing Attacks in the Cloud
G Kalyani1 B Saniksha2 M Anand3 K Subhash4
Department of Computer
Savitribai Phule Pune University Mitaoe, Alandi, Pune, Maharashtra, India
Abstract— Cloud computing allows us for share and access
our personal and business data. With this technology the
communication becomes faster. But when a user share his
personal data, he will start worrying about the security.
Existing data security paradigms such as encryption have
failed in protect data theft attacks, especially those committed
by an insider to the cloud service provider. To overcome this
problem, We propose a different approach for providing the
security for data in the cloud by using offensive decoy
technology(ODT). In this Technic we observe data access in
the cloud and detect anomalous data access patterns. When
unofficial access is found and then verified using challenge
questions, we launch a deception attack by returning large
amounts of decoy information to the attacker. This protects
against the illegal use of the user’s real data. Experiments
conducted in a local file setting provide indication that this
approach may provide extraordinary levels of user data
security in a Cloud environment.
Key words: Cloud computing, Data privacy, accountability,
decoy information technology, Identity management process,
Authentication and authorization, Data separation, Data
access, Data confidentiality
In the start-up business, choosing for outsourcing data and
computation to the Cloud. This clearly supports better
operational effectiveness, but it will be comes with the large
amount of risk. Sometimes maybe the most serious of which
are data theft attacks. Data theft attacks are augmented if the
attacker is a malevolent insider. This is considered becomes
one of the top threats to cloud computing by the Cloud
Security Alliance. While most Cloud computing users are
well known of this kind of hazard, they are trusting the service
provider which are protecting their data. The transparency is
low, let only control over the Cloud provider’s authentication,
authorization, and audit controls only intensifies this threat.
The Twitter is one example of a data theft attack in the Cloud.
Fog computing is similar to cloud. Fog provides
data, storage, compute and applications to the end user.
Rather than presenting and working from centralized cloud,
fog operates on network edge. Because of this, it requires less
time to processing. In today's world, security is most
important issue. For that different technologies are used.
Encryption mechanisms does not protect the data in the
database from unauthorized access.
We have proposed a completely new technique to
secure user’s data in cloud using user comportment and decoy
information technology called as Fog Computing. The term
“Fog Computing” means that rather than hosting and working
from centralized cloud, fog system works at network end. We
will provide security to the database through data mining
algorithm. We will monitor data accessing pattern and detect
abnormal behaviour. Fog computing is used in different
scenarios such as smart grid, smart traffic light etc.

Existing work on recognition of deception attacks was
concentrate on auditing and modelling sequences of user
commands containing work on command sequences with data
about arguments of commands. For noticing irregular
behaviour investigator applied numerical and machine
learning algorithms. Maloof and Stephens also applied a user
activities of profiling Idea to detect malicious insider
activities irreverent ‘Need-to-Know’ policy. Previous studies
using multi-class training required collecting data from many
users to train particular profiles. Different classifiers are also
used to find wrong behaviour. Combination of different
classifier can be a better approach to find deceptions attack.
In the existing system, know a days we are going to use for
the purpose of data security such as encryption is going failed
in providing security for data theft attacks, especially those
committed by an insider to the cloud service provider. most
research in Cloud computing security has focused to the
avoiding unauthorized access to data by developing erudite
access control and Encryption Technic. However these
approach is not able to protect data cooperation.
We propose a totally different approach to securing the cloud
using decoy information technology, that we have to use the
the technology known as Fog computing. We use this
technology to launch misinformation attacks over the
malevolent insiders, protecting them from separating the real
sensitive customer data from fake meaningless data. The
concept decoys, then, assist two purposes:
1) It validate the particular data access is authorized. And
when anomalous information access is detected.
2) Confusing the attacker with forged or fake information.

Fig. 1: System architecture of sharing data in cloud
The logger is tightly coupled with user’s data (either
single or multiple data items). Its main tasks include
automatically logging entry to data items that it contains,

All rights reserved by www.ijsrd.com


Fog Computing: the Justifying Insider Data Stealing Attacks in the Cloud
(IJSRD/Vol. 3/Issue 10/2015/078)

encrypting the log record using the public key of the content
holder, and sending it periodically them to the log
harmonizer. It may also be configured to clear that access and
usage control policies contained with the data. For example,
a data owner can specify that user U is only allowed to view
the data but not to modify that data. The logger will control
the data access even after it is downloaded by user U.

http://www.dailymail.co.uk/news/article1260488/Barack- Obamas-Twitter-password-revealedFrench-hacker-arrested.html
[5] M. Ben-Salem and S. J. Stolfo, “Modeling user searchbehaviour for masquerade detection,” in Proceedings of
the 14th International Symposium on Recent Advances
in Intrusion Detection. Heidelberg: Springer, September
2011, pp. 1–20.
[6] B. M. Bowen and S. Hershkop, “Decoy Document
Distributor: http://sneakers.cs.columbia.edu/ids/fog/,”

Fig. 2: Working of Decoy.
We proposed pioneering approaches for automatically
logging any access to the data in the cloud together with an
auditing mechanism. Our tactic allows the data owner to not
only audit his content but also enforce strong back-end
protection if needed. With the rapid development of versatile
cloud services, a lot of new challenges have emerged. One of
the most important Problems is how to secure the outsourced
data stored in the cloud severs. In this paper, we proposed a
novel scheme which is able to achieve the security over the
theft who is trying to get data. By using this system the
attacker does not get a original document, He get the fake
information. And hence the security of owner data is
achieved. Know the data owner stop worrying about his data
from attackers. In the long term, we plan to design a Complete
and more generic object-oriented approach to facilitate
autonomous protection of traveling content.
The authors are thankful to researches, publishers. For
making the availability of their resources and publications.
Teacher’s guidance is equally responsible for this paper. We
are also thankful to college authorities for providing us basic
facilities and equipment which requires. Finally, we would
like to extend heartfelt gratitude to friends, family members
for their support and encouragement.
[1] Salvatore J. Stolfo, Salvatore J. Stolfo,, Angelos D.
Keromytis, IEEE Symposium on Security and Privacy
Workshops © 2012, Salvatore J. Stolfo. Under license
to IEEE. DOI 10.1109/SPW.2012.19 125.
[2] Cloud Security Alliance, “Top Threat to Cloud
Computing V1.0,” March 2010. [Online]. Available:
[3] D. Takahashi, “French hacker who leaked Twitter
documents to TechCrunch is busted,” March 2010.
[4] P. Allen, “Obama’s Twitter password revealed after
french hacker arrested for breaking into U.S. president’s
account,” March 2010. [Online]. Available:

All rights reserved by www.ijsrd.com