FOG COMPUTING

Chapter 1
INTRODUCTION
1.1 Introduction

In this era, Cloud computing is achieving popularity every day. The ease of use and
storage which is provided to users for personal and business purposes is increasing its
demand.
Although, cloud computing provides an environment through which managing and
accessing of data becomes easier but it have consequences such as data leakage, data theft,
insider attacks etc. Very common risks now days are data theft attacks. The Twitter incident
is one example of a data theft attack from the Cloud. Several Twitter corporate and personal
documents were ex-filtrated to technological website Tech Crunch and customers accounts,
including the account of U.S. President Barack Obama, were illegally accessed. The attacker
used a Twitter administrators password to gain access to Twitters corporate documents,
hosted on Googles infrastructure as Google Docs. The damage was significant both for
Twitter and for its customers.
Van Dijk and Juels have shown that fully homomorphic encryption, often acclaimed
as the solution to such threats, is not a sufficient data protection mechanism when used alone.
To resolve these issues a mechanism which can detect such malicious activities is required.
For this, Fog computing is paradigm which monitors the data and helps in detecting an
unauthorized access.

1.2 Cloud Computing

Cloud computing is a delivery platform which promises a new way of accessing and
storing personal as well as business information. Cloud computing refers to the practice of
transitioning computer services such as computation or data storage to multiple redundant
offsite locations available on the Internet, which allows application software to be operated
using internet-enabled devices.
In Existing data protection mechanisms such as encryption was failed in securing the
data from the attacker. It does not verify whether the user was authorized or not.
Cloud computing security does not focus on ways of secure the data from
unauthorized access.

Dept of CSE, JCE, Belagavi Page 1

 FOG COMPUTING

In 2009 we have our own confidential documents in the cloud. This file does not have
much security. So, hacker gains access the documents. Twitter incident is one example of a
data theft attack in the Cloud.

1.3 Disadvantages
Nobody is identified when the attack is happen.
It is complex to detect which user is attack.
We cannot detect which file was hacking.
Cloud Computing Issue: Bandwidth
Transmitting and processing data requires bandwidth. The more data, the more
bandwidth is needed. Current cloud computing models cant keep up with the amount of
bandwidth that will be needed.

1.4 Concept of fog computing

Fog Computing is an extension of Cloud Computing. As in a Cloud, Fog computing
also provides data, compute, storage, and application services to end-users. The difference is
Fog provides proximity to its end users through dense geographical distribution and it also
supports mobility. Fog computing improves the Quality of service and also reduces latency.
We adopt a simple three level hierarchy as in Figure 1.

Fig1.Fog between edge and cloud

Dept of CSE, JCE, Belagavi Page 2

 FOG COMPUTING

In this framework, each smart thing is attached to one of Fog devices. Fog devices
could be interconnected and each of them is linked to the Cloud. As Fog computing is
implemented at the edge of the network, it provides low latency, location awareness, and
improves quality-of-services (QoS) for streaming and real time applications. Typical
examples include industrial automation, transportation and networks of sensors and actuators.
The Fog paradigm is well positioned for real time big data analytics, supports densely
distributed data collection points, and provides advantages in entertainment, advertising,
personal computing and other applications.

1.5 Characteristics of the fog are

a) Low latency and location awareness.
b) Wide-spread geographical distribution.
c) Mobility.
d) Very large number of nodes.
e) Predominant role of wireless access.
f) Strong presence of streaming and real time application.
g) Heterogeneity.

Fig2. Represents the edge network in Fog computing

Dept of CSE, JCE, Belagavi Page 3

 FOG COMPUTING

The main Feature of Fog Computing is its ability to support applications that require
low latency, location awareness and mobility. This ability made possible by fact that fog
computing systems are developed closer to the End users in a widely disturbed manner.

1.6 Existing System

Existing data protection mechanisms such as encryption was failed in securing the
data from the attackers. It does not verify whether the user was authorized or not. Cloud
computing security does not focus on ways of secure the data from unauthorized access.
Encryption does not provide much security to our data. In 2009 We have our own
confidential documents in the cloud. This files does not have much security. So, hacker gains
access the documents. Twitter incident is one example of a data theft attack in the Cloud.
Difficult to find the attacker. In 2010 and 2011 Cloud computing security was developed
against attackers. Finding of hackers in the cloud. Additionally, it shows that recent research
results that might be useful to protect data in the cloud.

1.7 Proposed System

We proposed a completely new technique to secure users data in cloud using user
behavior and decoy information technology called as Fog Computing. We use this techniques
to provide data security in the cloud . A different approach for securing data in the cloud
using offensive decoy technology. We monitor data access in the cloud and detect abnormal
data access patterns. In this technique when the unauthorized person try to access the data of
the real user the system generates the fake documents in such a way that the unauthorized
person was also not able to identify that the data is fake or real .It is identified thought a
question which is entered by the real user at the time of filling the sign up form. If the answer
of the question is wrong it means the user is not the real user and the system provide the fake
document else original documents will be provided by the system to the real user.

Dept of CSE, JCE, Belagavi Page 4

 FOG COMPUTING

Chapter 2
LITERATURE REVIEW

Madsen.H and Albeanu [1]. G presented the challenges faced by current computing
paradigms and discussed how Fog computing platforms are feasible with cloud and are
reliable for real life projects. Fog computing is mainly done for the need of the geographical
distribution of resources instead of having a centralized one. A multi-tier architecture is
followed in Fog computing platforms. In first tire there is machine to machine
communication and the higher tiers deal with visualization and reporting. The higher tier is
represented by the Cloud. They said that building Fog computing projects are challenging.
Z. Jiang et al. [2] Discussed Fog computing architecture and further used it for
improving Web site's performance with the help of edge servers. They said that the emerging
architecture of Fog Computing is highly virtualized. They presented that their idea that the
Fog servers monitor the requests made by the users and keep a record of each request by
using the users IP address or MAC address.
Sabahi, F. [3] mentioned threats and response of cloud computing. He presented a
comparison of the benefits and risks of compromised security and privacy. In this paper he
has summarized reliability and availability related issues of cloud resources provided by the
trusted third party. He discussed about the most common attacks nowadays are Distributed
Denial of Service attacks. The solution to these attacks can be, cloud technology offering the
benefit of flexibility, with the ability to provide resources almost instantaneously as necessary
to avoid site shutdown . Considering all these requirements, this prototype is created which
includes two main steps: first is to create users and generate patterns of their different access
behaviors, next step is monitoring the user access patterns.
Salvatore J. Stoflio et al. [4] introduced a new technology known as Fog computing.
They implemented security by utilizing decoy information technology. They explained two
methods i.e. User behaviour profiling and Decoy. In User behaviour profiling they examined
how, when and how much amount of information a subscriber is accessing. They scanned
their subscribers activity to examine for any abnormality in the data access nature of the
subscriber. The second technique is decoy in which information which is bogus or we can say
fraud i.e., honey pots, honey files, etc. are utilized to confuse the intruder or malicious
intruder by representing the information in such a way that it appears real.

Dept of CSE, JCE, Belagavi Page 5

 FOG COMPUTING

Madsen.H and Albeanu. G [5] showed the challenges faced by current computing
paradigms and explained how Fog computing platforms are viable with cloud and flexible for
real life projects. Fog computing is primarily performed for the requirement of the
geographical distribution of resources rather than having a centralized one. A multi-tier
architecture is adopted in Fog computing platforms. In first tire there is machine to machine
communication and the higher tiers handle visualization and reporting. The higher tier is
shown by the Cloud. They said that making Fog computing projects are challenging [5] but
there are algorithms and techniques exist that handle reliability and assure fault tolerance.
With their support such real life projects are possible.
Claycomb, W. R. (2012) [8] has featured a hierarchy of administrators within cloud
service suppliers and also provide examples of attacks from real insider attack cases. They
talked about how cloud architecture let intruders to breach the security. They have also
shown two extra cloud related insider risks: the insider who exploits a cloud-related
susceptibility to steal information from a cloud system, and the insider who utilizes cloud
systems to carry out an attack on users local resource. They specified the key challenges
faced by cloud suppliers and clients for protected their highly confidential data.
Park, Y. Et al. (2012) [9] formulated a method that was a software decoy for
protecting cloud data utilizing software. They introduced a software-based decoy system that
purposes to deceive insiders, to determine the ex-filtration of proprietary source code. The
system makes a Java code which seems as valuable information to the intruder. Further static
obfuscation method is utilized to create and transform original software. Bogus programs are
combined by software that is automatically transformed from actual source code, but
designed to be dissimilar to the original[9].This deception method confuses the insider and
also obfuscation supports the secure data by hiding it and making bogus information for
insider. Beacons are also inserted into the bogus software to determine the ex-filtration and to
build an alert if the decoy software is touched, compiled or executed.

Dept of CSE, JCE, Belagavi Page 6

 FOG COMPUTING

Chapter 3
METHEDOLOGY

In Fog computing, services can be hosted at end devices such as set-top-boxes or

access points. The infrastructure of this new distributed computing allows applications to run
as close as possible to sensed actionable and massive data, coming out of people, processes
and things. Such Fog computing concept, actually a Cloud computing close to the ground,
creates automated response that drives the value. Both Cloud and Fog provide data,
computation, storage and application services to end-users. However, Fog can be
distinguished from Cloud by its proximity to end-users, the dense geographical distribution
and its support for mobility. We adopt a simple three level hierarchy as in Figure 1. In this
framework, each smart thing is attached to one or more of Fog nodes. Fog devices could be
interconnected and each of them is linked to the Cloud. While Fog and Cloud use the same
resources (networking, compute, and storage), and share many of the same mechanisms and
attributes (virtualization, multi-tenancy) the extension is a non-trivial one in that there exist
some fundamental differences. The Fog vision was conceived to address applications and
services that do not fit well the paradigm of the Cloud. They include:

Applications that require very low and predictable latency the Cloud frees the user
from many implementation details, including the precise knowledge of where the
computation or storage takes place. This freedom from choice, welcome in many
circumstances becomes a liability when latency is at premium (gaming, video
conferencing).

Geo-distributed applications (pipeline monitoring, sensor networks to monitor the

environment).

Fast mobile applications (smart connected vehicle, connected rail).

Large-scale distributed control systems (smart grid, connected rail, smart traffic light
systems).

Dept of CSE, JCE, Belagavi Page 7

 FOG COMPUTING

Chapter 4
SECURING CLOUDS WITH FOG

There are various ways to use cloud services to save or store files, documents and
media in remote services that can be accessed whenever user connect to the Internet. The
main problem in cloud is to maintain security for users data in way that guarantees only
authenticated users and no one else gain access to that data. The issue of providing security to
confidential information is core security problem, that it does not provide level of assurance
most people desire. There are various methods to secure remote data in cloud using standard
access control and encryption methods. It is good to say that all the standard approaches used
for providing security have been demonstrated to fail from time to time for a variety of
reasons, including faulty implementations, buggy code, insider attacks, mis-configured
services, and the creative construction of effective and sophisticated attacks not envisioned
by the implementers of security procedures. Building a secure and trustworthy cloud
computing environment is not enough, because attacks on data continue to happen, and when
they do, and information gets lost, there is no way to get it back. There is a need to get
solutions to such accidents. The basic idea is that we can limit the damage of stolen data if we
decrease the value of that stolen data to the attacker. We can achieve this through a
preventive decoy (disinformation) attack. We can secure Cloud services by implementing
given additional security features.

Dept of CSE, JCE, Belagavi Page 8

 FOG COMPUTING

Chapter 5
IMPLEMENTING SECURITY FEATURES

1. User Behavior Profiling:

It is expected that access to a users information in the Cloud will exhibit a normal
means of access. User profiling is a well known technique that can be applied here to
model how, when, and how much a user accesses their information in the Cloud. Such
normal user behavior can be continuously checked to determine whether abnormal
access to a users information is occurring. This method of behavior-based security is
commonly used in fraud detection applications. Such profiles would naturally include
volumetric information, how many documents are typically read and how often. These
simple user specific features can serve to detect abnormal Cloud access based partially
upon the scale and scope of data transferred.
2. Decoy System:
Decoy data, such as decoy documents, honeypots and other bogus information can
be generated on demand and used for detecting unauthorized access to information and to
poison the thiefs ex-filtrated information. Serving decoys will confuse an attacker into
believing they have ex-filtrated useful information, when they have not. This technology
may be integrated with user behavior profiling technology to secure a users data in the
Cloud. Whenever abnormal and unauthorized access to a cloud service is noticed, decoy
information may be returned by the Cloud and delivered in such a way that it appear
completely normal and legitimate. The legitimate user, who is the owner of the
information, would readily identify when decoy information is being returned by the
Cloud, and hence could alter the Clouds responses through a variety of means, such as
challenge questions, to inform the Cloud security system that it has incorrectly detected
an unauthorized access. In the case where the access is correctly identified as an
unauthorized access, the Cloud security system would deliver unbounded amounts of
bogus information to the attacker, thus securing the users true data from can be
implemented by given two additional security features:
1) validating whether data access is authorized when abnormal information access is
detected, and
2) Confusing the attacker with bogus information that is by providing decoy documents.

Dept of CSE, JCE, Belagavi Page 9

 FOG COMPUTING

The decoy documents carry a keyed-Hash Message Authentication Code (HMAC),

which is hidden in the header section of the document. The HMAC is computed over the
files contents using a key unique to each user. When a decoy document is loaded into
memory, we verify whether the document is a decoy document by computing a HMAC based
on all the contents of that document. We compare it with HMAC embedded within the
document. If the two HMACs match, the document is deemed a decoy and an alert is issued.

Fig3.Decoy System

3. Combining the Two Techniques:

The correlation of search behavior anomaly detection with trap-based decoy files
should provide stronger evidence of malfeasance, and therefore improve a detectors
accuracy. We hypothesize that detecting abnormal search operations performed prior to
an unsuspecting user opening a decoy file will corroborate the suspicion that the user is
indeed impersonating another victim user. This scenario covers the threat model of
illegitimate access to Cloud data. Furthermore, an accidental opening of a decoy file by a
legitimate user might be recognized as an accident if the search behavior is not deemed
abnormal. In other words, detecting abnormal search and decoy traps together may make
a very effective masquerade detection system. Combining the two techniques improves
detection accuracy.

Dept of CSE, JCE, Belagavi Page 10

 FOG COMPUTING

Fig4. Architecture of Fog Computing

Fig4. states the actual working of the fog computing .In two ways login is done in
system that are admin login and user login .When admin login to the system there are again
two steps to follow: step1:Enter username step2:Enter the password . After successful login
of admin he can perform all admin related tasks, but while downloading any file from fog he
have to answer the security Question if he answer it correctly then only original file can be
download. In other case, when admin or user answer incorrectly to the security question then
decoy document (fake document) is provided to the fake user. Decoy technology work in the
given manner if you have any word ,suppose MADAM in the document then some
alphabets are replaced as M->A then the given word become AADAA which have no
meaning. In some Case, if attacker getting to know that M is replaced by A in the given
document and by applying reverse engineering he get result as MMDMM. In any case he
cant judge content of document.

Dept of CSE, JCE, Belagavi Page 11

 FOG COMPUTING

When user login to the system he also have to follow the same procedure as admin.
Operations like upload files/documents, download files/documents, view alerts, send
message, read message, broadcast any message all these can be perform by the user. ALERT
this stream provide the detail knowledge of attack done on their personal file/document with
details like date, time, no of times the attacker trying to hack that file/document .Best thing of
fog Computing is after each successful login the user get SMS on the mobile that login
successful. from this the user get alert when other else trying to gain access to his/her
personal fog account and when attacker trying to download some files/documents then user
also get SMS that contain attacker ip-address, attackers server name, date, time details on
his/her mobile so that become easy to catch attacker by tracing all these things.

Dept of CSE, JCE, Belagavi Page 12

 FOG COMPUTING

Chapter 6
APPLICATIONS

Connected car: Autonomous vehicle is the new trend taking place on the road. Tesla is
working on software to add automatic steering, enabling literal "hands free" operations of the
vehicle. Starting out with testing and releasing self-parking features that don't require a
person behind the wheel. Within 2017 all new cars on the road will have the capability to
connect to cars nearby and internet. Fog computing will be the best option for all internet
connected vehicles why because fog computing gives real time interaction. Cars, access point
and traffic lights will be able to interact with each other and so it makes safe for all. At some
point in time, the connected car will start saving lives by reducing automobile accidents.

Smart Grids: Smart grid is another application where fog computing is been used. Based on
demand for energy, its obtainability and low cost, these smart devices can switch to other
energies like solar and winds. The edge process the data collected by fog collectors and
generate control command to the actuators. The filtered data are consumed locally and the
balance to the higher tiers for visualization, real-time reports and transactional analytics. Fog
supports semi-permanent storage at the highest tier and momentary storage at the lowest tier.

Smart Traffic lights: Fog enables traffic signals to open lanes on sensing flashing lights of
the ambulance. It detects presence of pedestrian and bikers, and measures the distance and
speed of the close by vehicles. Sensor lighting turns on, on indentifying movements and vice-
versa. Smart lights serves as fog devices synchronize to send warning signals to the
approaching vehicles. The interactions between vehicle and access points are enhanced with
WiFi, 3G, road side units and smart traffic lights.

Wireless Sensor and Actuator Networks: Traditional wireless sensor networks fall short in
applications that go beyond sensing and tracking, but require actuators to exert physical
actions like opening, closing or even carrying sensors [2]. In this scenario, actuators serving
as Fog devices can control the measurement process itself, the stability and the oscillatory
behaviors by creating a closed-loop system.

Dept of CSE, JCE, Belagavi Page 13

 FOG COMPUTING

Self Maintaining Train: Another application of fog computing is self maintaining trains. A
train ball-bearing monitoring sensor will sense the changes in the temperature level and any
disorder will automatically alert the train operator and make maintenance according to. Thus
we can avoid major disasters.

Smart Traffic Lights and Connected Vehicles: Video camera that senses an ambulance
flashing lights can automatically change street lights to open lanes for the vehicle to pass
through traffic. Smart street lights interact locally with sensors and detect presence of
pedestrian and bikers, and measure the distance and speed of approaching vehicles.

IoT and Cyber-physical systems (CPSs): Fog computing based systems are becoming an
important class of IoT and CPSs. Based on the traditional information carriers including
Internet and telecommunication network, IoT is a network that can interconnect ordinary
physical objects with identied address. CPSs feature a tight combination of the systems
computational and physical elements. CPSs also coordinate the integration of computer and
information centric physical and engineered systems.

IoT and CPSs promise to transform our world with new relationships between
computer-based control and communication systems, engineered systems and physical
reality. Fog computing in this scenario is built on the concepts of embedded systems in which
software programs and computers are embedded in devices for reasons other than
computation alone. Examples of the devices include toys, cars, medical devices and
machinery. The goal is to integrate the abstractions and precision of software and networking
with the dynamics, uncertainty and noise in the physical environment. Using the emerging
knowledge, principles and methods of CPSs, we will be able to develop new generations of
intelligent medical devices and systems, smart highways, buildings, factories, agricultural
and robotic systems

Dept of CSE, JCE, Belagavi Page 14

 FOG COMPUTING

Chapter 7
CONCLUSION
In this position paper, we present an approach to securing personal and business data
in the Cloud. We propose monitoring data access patterns by profiling user behavior to
determine if and when a malicious insider illegitimately accesses someones documents in a
Cloud service. Decoy documents stored in the Cloud alongside the users real data also serve
as sensors to detect illegitimate access. Once unauthorized data access or exposure is
suspected, and later verified, with challenge questions for instance, we inundate the malicious
insider with bogus information in order to dilute the users real data. Such preventive attacks
that rely on disinformation technology could provide unprecedented levels of security in the
Cloud and in social networks.

Dept of CSE, JCE, Belagavi Page 15

 FOG COMPUTING

REFERENCES

[1] Madsen, Henrik, et al. "Reliability in the utility computing era: Towards reliable Fog
computing." Systems, Signals and Image Processing (IWSSIP), 2013 20th International
Conference on. IEEE, 2013.
[2] Zhu, Jiang,Improving Web Sites Performance Using Edge Servers in Fog Computing
Architecture, Service Oriented System Engineering (SOSE), IEEE. 2013.

[3] Sabahi, F. Cloud computing security threats and responses, In Communication Software
and Networks (ICCSN), 2011 IEEE 3rd International Conference on 2011,pp. 245-249.
[4] Stolfo, Salvatore J., Malek Ben Salem, and Angelos D. Keromytis. "Fog computing:
Mitigating insider data theft attacks in the cloud." Security and Privacy Workshops (SPW),
2012 IEEE Symposium on. IEEE, 2012
[5] Madsen, Henrik, et al. "Reliability in the utility computing era: Towards reliable Fog
computing." Systems, Signals and Image Processing (IWSSIP), 2013 20th International
Conference on. IEEE, 2013
[6] C. Wei, Z. Fadlullah, N. Kato, and I. Stojmenovic, On optimally reducing power loss in
micro-grids with power storage devices, IEEE Journal of Selected Areas in
Communications, 2014 to appear.
[7] Bonomi, Flavio, et al. "Fog computing and its role in the internet of things." Proceedings
of the first edition of the MCC workshop on Mobile cloud computing. ACM, 2012, pp. 13-
16.
[8] Claycomb, W. R., & Nicoll, A. Insider Threats to Cloud Computing: Directions for New
Research Challenges, In Computer Software and Applications Conference (COMPSAC),
IEEE 36th Annual, July, pp. 387-394, 2012
[9] Park, Y., & Stolfo, S. J. Software decoys for insider threat, In Proceedings of the 7th
ACM Symposium on Information, Computer and Communications Security, May, pp. 93-94,
2013

Dept of CSE, JCE, Belagavi Page 16